CVE-2017-9064

Опубликовано: 18 мая 2017

Источник: ubuntu

Приоритет: medium

CVSS2: 6.8

CVSS3: 8.8

Описание

In WordPress before 4.7.5, a Cross Site Request Forgery (CSRF) vulnerability exists in the filesystem credentials dialog because a nonce is not required for updating credentials.

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	not-affected	4.9.5+dfsg1-1
cosmic	not-affected	4.9.5+dfsg1-1
devel	not-affected	4.9.5+dfsg1-1
disco	not-affected	4.9.5+dfsg1-1
eoan	not-affected	4.9.5+dfsg1-1
esm-apps/bionic	not-affected	4.9.5+dfsg1-1
esm-apps/focal	not-affected	4.9.5+dfsg1-1
esm-apps/jammy	not-affected	4.9.5+dfsg1-1
esm-apps/noble	not-affected	4.9.5+dfsg1-1

Показывать по

Ссылки на источники

6.8 Medium

CVSS2

8.8 High

CVSS3

Связанные уязвимости

CVE-2017-9064

CVSS3: 8.8

nvd

больше 8 лет назад

In WordPress before 4.7.5, a Cross Site Request Forgery (CSRF) vulnerability exists in the filesystem credentials dialog because a nonce is not required for updating credentials.

CVE-2017-9064

CVSS3: 8.8

debian

больше 8 лет назад

In WordPress before 4.7.5, a Cross Site Request Forgery (CSRF) vulnera ...

GHSA-74wg-f546-8h73

CVSS3: 8.8

github

больше 3 лет назад

In WordPress before 4.7.5, a Cross Site Request Forgery (CSRF) vulnerability exists in the filesystem credentials dialog because a nonce is not required for updating credentials.

6.8 Medium

CVSS2

8.8 High

CVSS3

CVE-2017-9064

Описание

Пакет wordpress

Ссылки на источники

Связанные уязвимости