PT-2013-3498 · Studio 42 · Elfinder

Publicado

2013-06-24

Atualizado

2017-08-29

CVE-2013-1972

CVSS v2.0

4.3

Média

Vetor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions elFinder file manager module versions 6.x-0.x before 6.x-0.8 elFinder file manager module versions 7.x-0.x before 7.x-0.8

Description A cross-site request forgery (CSRF) issue exists, allowing remote attackers to hijack the authentication of victims and perform unauthorized file operations, such as creating, modifying, or deleting files.

Recommendations For elFinder file manager module versions 6.x-0.x before 6.x-0.8, update to version 6.x-0.8 or later. For elFinder file manager module versions 7.x-0.x before 7.x-0.8, update to version 7.x-0.8 or later.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2013-1972

Produtos afetados

Elfinder

PT-2013-3498 · Studio 42 · Elfinder

CVE-2013-1972

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7