CVE-2015-5660 in Ubuntu

CVE-2015-5660

Priority

Description

Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8
allows remote attackers to hijack the authentication of arbitrary users for
requests that execute PHP code.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5660
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000126
http://jvn.jp/en/jp/JVN92520335/index.html
http://extplorer.net/news/18

Notes

Package

Source: extplorer (LP Ubuntu Debian)

Upstream:	released (2.1.8)
Ubuntu 14.04 ESM (Trusty Tahr):	DNE (trusty was released [2.1.0b6+dfsg.3-4+deb7u3build0.14.04.1])
Ubuntu 20.04 FIPS Compliant (Focal Fossa):	DNE

Patches:

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2022-02-11 01:00:25 UTC (commit acb3d89ab51f1d5e5543fa993969c0eb13c71f04)