Full Disclosure

[KIS-2016-08] Concrete5 <= 5.7.3.1 Multiple Cross-Site Request Forgeries Vulnerabilities

June 28, 2016 007admin Leave a comment

Posted by Egidio Romano on Jun 28

————————————————————————–
Concrete5 <= 5.7.3.1 Multiple Cross-Site Request Forgeries Vulnerabilities
————————————————————————–

[-] Software Link:

https://www.concrete5.org/

[-] Affected Versions:

Version 5.7.3.1 and probably other versions.

[-] Vulnerabilities Description:

Concrete5 implements a Synchronizer Token Pattern in order to provide…

Leave a Reply Cancel reply

You must be logged in to post a comment.

Software and Security Information