CVE-2011-4947

NONECVSS 0.0

0.0

Cross-site request forgery (CSRF) vulnerability in e107_admin/users_extended.php in e107 before 0.7.26 allows remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences via the user_include parameter.

🔗 References (12)

secalert@redhathttp://e107.org/svn_changelog.php?version=0.7.26
secalert@redhathttp://e107.svn.sourceforge.net/viewvc/e107/trunk/e107_0.7/e107_admin/users_extended.php?r1=12225&r2=12306
secalert@redhathttp://www.openwall.com/lists/oss-security/2012/03/28/4
secalert@redhathttp://www.openwall.com/lists/oss-security/2012/03/29/3
secalert@redhathttps://exchange.xforce.ibmcloud.com/vulnerabilities/68062
secalert@redhathttps://www.htbridge.com/advisory/multiple_vulnerabilities_in_e107_1.html
af854a3a-2127-422b-91ae-364da2661108http://e107.org/svn_changelog.php?version=0.7.26
af854a3a-2127-422b-91ae-364da2661108http://e107.svn.sourceforge.net/viewvc/e107/trunk/e107_0.7/e107_admin/users_extended.php?r1=12225&r2=12306
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2012/03/28/4
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2012/03/29/3
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/68062
af854a3a-2127-422b-91ae-364da2661108https://www.htbridge.com/advisory/multiple_vulnerabilities_in_e107_1.html

Is Your Infrastructure Affected by CVE-2011-4947?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2011-4947

📅 Published

🔄 Last Modified

🔗 References (12)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2011-4947?