CVE-2010-5087
26.08.2012, 18:55
SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism and hijack the authentication of administrators via vectors related to "form action requests" using a controller.Enginsight
| Vendor | Product | Version |
|---|---|---|
| silverstripe | silverstripe | 2.3.0 |
| silverstripe | silverstripe | 2.3.0:rc1 |
| silverstripe | silverstripe | 2.3.0:rc2 |
| silverstripe | silverstripe | 2.3.0:rc3 |
| silverstripe | silverstripe | 2.3.1 |
| silverstripe | silverstripe | 2.3.1:rc1 |
| silverstripe | silverstripe | 2.3.1:rc2 |
| silverstripe | silverstripe | 2.3.2 |
| silverstripe | silverstripe | 2.3.3 |
| silverstripe | silverstripe | 2.3.4 |
| silverstripe | silverstripe | 2.3.5 |
| silverstripe | silverstripe | 2.3.6 |
| silverstripe | silverstripe | 2.3.7 |
| silverstripe | silverstripe | 2.3.8 |
| silverstripe | silverstripe | 2.3.9 |
| silverstripe | silverstripe | 2.3.10 |
| silverstripe | silverstripe | 2.4.0 |
| silverstripe | silverstripe | 2.4.1 |
| silverstripe | silverstripe | 2.4.2 |
| silverstripe | silverstripe | 2.4.3 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References