PT-2012-6179 · Samedia · Samedia Landshop
The_Storm
·
Published
2012-11-17
·
Updated
2012-11-19
·
CVE-2012-5898
CVSS v2.0
6.8
Medium
| Vector | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
SAMEDIA LandShop version 0.9.2
Description
A cross-site request forgery (CSRF) issue allows remote attackers to hijack the authentication of administrators for requests that change account settings. This can lead to unauthorized changes to account settings.
Recommendations
For SAMEDIA LandShop version 0.9.2, update to a version that includes a fix for this issue, as using this version poses a significant risk due to the potential for account setting changes by unauthorized parties. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Samedia Landshop