Количество 3
Количество 3
CVE-2010-5079
SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 uses weak entropy when generating tokens for (1) the CSRF protection mechanism, (2) autologin, (3) "forgot password" functionality, and (4) password salts, which makes it easier for remote attackers to bypass intended access restrictions via unspecified vectors.
CVE-2010-5079
SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 uses weak entr ...
GHSA-mwv8-cjqm-hg4h
SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 uses weak entropy when generating tokens for (1) the CSRF protection mechanism, (2) autologin, (3) "forgot password" functionality, and (4) password salts, which makes it easier for remote attackers to bypass intended access restrictions via unspecified vectors.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2010-5079 SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 uses weak entropy when generating tokens for (1) the CSRF protection mechanism, (2) autologin, (3) "forgot password" functionality, and (4) password salts, which makes it easier for remote attackers to bypass intended access restrictions via unspecified vectors. | CVSS2: 5 | 1% Низкий | больше 13 лет назад |
| CVE-2010-5079 SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 uses weak entr ... | CVSS2: 5 | 1% Низкий | больше 13 лет назад |
| GHSA-mwv8-cjqm-hg4h SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 uses weak entropy when generating tokens for (1) the CSRF protection mechanism, (2) autologin, (3) "forgot password" functionality, and (4) password salts, which makes it easier for remote attackers to bypass intended access restrictions via unspecified vectors. | 1% Низкий | больше 3 лет назад |
Уязвимостей на страницу