Cross-site request forgery (CSRF) vulnerability in Symphony CMS prior to 2.3.2 allows remote malicious users to hijack the authentication of administrators for requests that conduct SQL injection attacks via the sort parameter to system/authors/, related to CVE-2013-2559.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
getsymphony symphony |
||
getsymphony symphony 2.0.7 |
||
getsymphony symphony 2.1.1 |
||
getsymphony symphony 2.0 |
||
getsymphony symphony 2.0.3 |
||
getsymphony symphony 2.0.4 |
||
getsymphony symphony 2.0.5 |
||
getsymphony symphony 2.3 |
||
getsymphony symphony 2.0.6 |
||
getsymphony symphony 2.1.0 |