5
CVE-2010-5093
- EPSS 1.55%
- Veröffentlicht 26.08.2012 18:55:01
- Zuletzt bearbeitet 16.06.2026 23:26:07
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
LoginMember_ProfileForm in security/Member.php in SilverStripe 2.3.x before 2.3.7 allows remote attackers to hijack user accounts by saving data using the email address (ID) of another user.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Silverstripe ≫ Silverstripe Version2.3.0
Silverstripe ≫ Silverstripe Version2.3.0 Updaterc1
Silverstripe ≫ Silverstripe Version2.3.0 Updaterc2
Silverstripe ≫ Silverstripe Version2.3.0 Updaterc3
Silverstripe ≫ Silverstripe Version2.3.1
Silverstripe ≫ Silverstripe Version2.3.1 Updaterc1
Silverstripe ≫ Silverstripe Version2.3.1 Updaterc2
Silverstripe ≫ Silverstripe Version2.3.2
Silverstripe ≫ Silverstripe Version2.3.3
Silverstripe ≫ Silverstripe Version2.3.4
Silverstripe ≫ Silverstripe Version2.3.5
Silverstripe ≫ Silverstripe Version2.3.6
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.55% | 0.718 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:P/A:N
|
http://www.openwall.com/lists/oss-security/2012/04/30/3
http://www.openwall.com/lists/oss-security/2012/04/30/1
http://www.openwall.com/lists/oss-security/2012/05/01/3
http://doc.silverstripe.org/sapphire/en/trunk/changelogs//2.3.7
http://open.silverstripe.org/changeset/100744
http://www.silverstripe.org/security-releases