SecuritySpace - CVE-2021-44122

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2021-44122

Description: SPIP 4.0.0 is affected by a Cross Site Request Forgery (CSRF) vulnerability in ecrire/public/aiguiller.php, ecrire/public/balises.php, ecrire/balise/formulaire_.php. To exploit the vulnerability, a visitor must visit a malicious website which redirects to the SPIP website. It is also possible to combine XSS vulnerabilities in SPIP 4.0.0 to exploit it. The vulnerability allows an authenticated attacker to execute malicious code without the knowledge of the user on the website (CSRF).

Test IDs: 1.3.6.1.4.1.25623.1.1.12.2023.5482.2

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2021-44122
https://git.spip.net/spip/spip/commit/1b8e4f404c2441c15ca6540b9a6d8e50cff219db

CVE ID:	CVE-2021-44122
Description:	SPIP 4.0.0 is affected by a Cross Site Request Forgery (CSRF) vulnerability in ecrire/public/aiguiller.php, ecrire/public/balises.php, ecrire/balise/formulaire_.php. To exploit the vulnerability, a visitor must visit a malicious website which redirects to the SPIP website. It is also possible to combine XSS vulnerabilities in SPIP 4.0.0 to exploit it. The vulnerability allows an authenticated attacker to execute malicious code without the knowledge of the user on the website (CSRF).
Test IDs:	1.3.6.1.4.1.25623.1.1.12.2023.5482.2
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2021-44122 https://git.spip.net/spip/spip/commit/1b8e4f404c2441c15ca6540b9a6d8e50cff219db