CVE-2011-1682

Multiple cross-site request forgery (CSRF) vulnerabilities in phpList 2.10.13 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) create a list or (2) insert cross-site scripting (XSS) sequences.  NOTE: this issue exists because of an incomplete fix for CVE-2011-0748.  NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 51%
VendorProductVersion
tincanphplist
𝑥
≤ 2.10.13
tincanphplist
1.0
tincanphplist
1.0.1
tincanphplist
1.1.2b:b
tincanphplist
1.1.3b:b
tincanphplist
1.1.4b:b
tincanphplist
1.1.5
tincanphplist
1.1.5b:b
tincanphplist
1.1.6
tincanphplist
1.1.7
tincanphplist
1.3.5
tincanphplist
1.3.7
tincanphplist
1.4.1
tincanphplist
1.5.0
tincanphplist
1.5.1
tincanphplist
1.6.0
tincanphplist
1.6.1
tincanphplist
1.6.3
tincanphplist
1.6.4
tincanphplist
1.7.0
tincanphplist
1.7.1
tincanphplist
1.8.0
tincanphplist
1.9.0
tincanphplist
1.9.1
tincanphplist
1.9.2
tincanphplist
1.9.3
tincanphplist
2.1.0
tincanphplist
2.1.1
tincanphplist
2.1.3
tincanphplist
2.1.4
tincanphplist
2.2.0
tincanphplist
2.2.1
tincanphplist
2.3.0
tincanphplist
2.3.1
tincanphplist
2.3.2
tincanphplist
2.3.3
tincanphplist
2.3.4
tincanphplist
2.4.0
tincanphplist
2.4.7
tincanphplist
2.5.0
tincanphplist
2.5.1
tincanphplist
2.5.2
tincanphplist
2.5.3
tincanphplist
2.5.4
tincanphplist
2.5.5
tincanphplist
2.5.6
tincanphplist
2.5.7
tincanphplist
2.5.8
tincanphplist
2.6
tincanphplist
2.6.0
tincanphplist
2.6.1
tincanphplist
2.6.2
tincanphplist
2.6.3
tincanphplist
2.6.4
tincanphplist
2.6.5
tincanphplist
2.7.1
tincanphplist
2.7.2
tincanphplist
2.8.2
tincanphplist
2.8.7
tincanphplist
2.8.12
tincanphplist
2.9.3
tincanphplist
2.9.4
tincanphplist
2.9.5
tincanphplist
2.10.1
tincanphplist
2.10.2
tincanphplist
2.10.3
tincanphplist
2.10.4
tincanphplist
2.10.5
tincanphplist
2.10.6
tincanphplist
2.10.7
tincanphplist
2.10.8
tincanphplist
2.10.9
tincanphplist
2.10.10
tincanphplist
2.10.11
tincanphplist
2.10.12
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/44041
https://exchange.xforce.ibmcloud.com/vulnerabilities/66666
https://exchange.xforce.ibmcloud.com/vulnerabilities/66816
http://secunia.com/advisories/44041
https://exchange.xforce.ibmcloud.com/vulnerabilities/66666
https://exchange.xforce.ibmcloud.com/vulnerabilities/66816