Количество 3
Количество 3
CVE-2010-5080
The Security/changepassword URL action in SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 passes a token as a GET parameter while changing a password through email, which allows remote attackers to obtain sensitive data and hijack the session via the HTTP referer logs on a server, aka "HTTP referer leakage."
CVE-2010-5080
The Security/changepassword URL action in SilverStripe 2.3.x before 2. ...
GHSA-wwx7-wcmg-pw6h
The Security/changepassword URL action in SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 passes a token as a GET parameter while changing a password through email, which allows remote attackers to obtain sensitive data and hijack the session via the HTTP referer logs on a server, aka "HTTP referer leakage."
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2010-5080 The Security/changepassword URL action in SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 passes a token as a GET parameter while changing a password through email, which allows remote attackers to obtain sensitive data and hijack the session via the HTTP referer logs on a server, aka "HTTP referer leakage." | CVSS2: 6.8 | 1% Низкий | больше 13 лет назад |
| CVE-2010-5080 The Security/changepassword URL action in SilverStripe 2.3.x before 2. ... | CVSS2: 6.8 | 1% Низкий | больше 13 лет назад |
| GHSA-wwx7-wcmg-pw6h The Security/changepassword URL action in SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 passes a token as a GET parameter while changing a password through email, which allows remote attackers to obtain sensitive data and hijack the session via the HTTP referer logs on a server, aka "HTTP referer leakage." | 1% Низкий | больше 3 лет назад |
Уязвимостей на страницу