exploitDog

GHSA-q66r-2xgj-6wcp

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

Описание

security/MemberLoginForm.php in SilverStripe 3.0.3 supports login using a GET request, which makes it easier for remote attackers to conduct phishing attacks without detection by the victim.

security/MemberLoginForm.php in SilverStripe 3.0.3 supports login using a GET request, which makes it easier for remote attackers to conduct phishing attacks without detection by the victim.

Ссылки

EPSS

Процентиль: 90%

0.05747

Низкий

CVE ID

Дефекты

CWE-20

Связанные уязвимости

CVE-2013-2653

nvd

около 12 лет назад

security/MemberLoginForm.php in SilverStripe 3.0.3 supports login using a GET request, which makes it easier for remote attackers to conduct phishing attacks without detection by the victim.

CVE-2013-2653

debian

около 12 лет назад

security/MemberLoginForm.php in SilverStripe 3.0.3 supports login usin ...

EPSS

Процентиль: 90%

0.05747

Низкий

CVE ID

Дефекты

CWE-20