Описание
security/MemberLoginForm.php in SilverStripe 3.0.3 supports login using a GET request, which makes it easier for remote attackers to conduct phishing attacks without detection by the victim.
Ссылки
- Exploit
- Patch
- Exploit
- Patch
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:silverstripe:silverstripe:3.0.3:*:*:*:*:*:*:*
EPSS
Процентиль: 90%
0.05747
Низкий
5.8 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
debian
около 12 лет назад
security/MemberLoginForm.php in SilverStripe 3.0.3 supports login usin ...
github
больше 3 лет назад
security/MemberLoginForm.php in SilverStripe 3.0.3 supports login using a GET request, which makes it easier for remote attackers to conduct phishing attacks without detection by the victim.
EPSS
Процентиль: 90%
0.05747
Низкий
5.8 Medium
CVSS2
Дефекты
CWE-20