CVE-2010-5080

Published: Aug 26, 2012Modified: Apr 29, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

The Security/changepassword URL action in SilverStripe 2.3.x before 2.3.10 and 2.4.x before 2.4.4 passes a token as a GET parameter while changing a password through email, which allows remote attackers to obtain sensitive data and hijack the session via the HTTP referer logs on a server, aka "HTTP referer leakage."

Affected (19)

Products: Silverstripe: Silverstripe

1 product

Configuration A

19 vulnerable

Vulnerable Software	Affected Versions
Silverstripe Silverstripe	Version 2.3.0
Silverstripe Silverstripe	Version 2.3.0 rc1
Silverstripe Silverstripe	Version 2.3.0 rc2
Silverstripe Silverstripe	Version 2.3.0 rc3
Silverstripe Silverstripe	Version 2.3.1
Silverstripe Silverstripe	Version 2.3.1 rc1
Silverstripe Silverstripe	Version 2.3.1 rc2
Silverstripe Silverstripe	Version 2.3.2
Silverstripe Silverstripe	Version 2.3.3
Silverstripe Silverstripe	Version 2.3.4
Silverstripe Silverstripe	Version 2.3.5
Silverstripe Silverstripe	Version 2.3.6
Silverstripe Silverstripe	Version 2.3.7
Silverstripe Silverstripe	Version 2.3.8
Silverstripe Silverstripe	Version 2.3.9
Silverstripe Silverstripe	Version 2.4.0
Silverstripe Silverstripe	Version 2.4.1
Silverstripe Silverstripe	Version 2.4.2
Silverstripe Silverstripe	Version 2.4.3

Related CWEs

Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

References (18)

http://doc.silverstripe.org/sapphire/en/trunk/changelogs//2.3.10

Source: secalert@redhat.com

http://doc.silverstripe.org/sapphire/en/trunk/changelogs//2.4.4

Source: secalert@redhat.com

http://open.silverstripe.org/changeset/114758

Source: secalert@redhat.com

http://secunia.com/advisories/42346

Source: secalert@redhat.com

http://www.openwall.com/lists/oss-security/2011/01/03/12

Source: secalert@redhat.com

http://www.openwall.com/lists/oss-security/2012/04/30/1

Source: secalert@redhat.com

http://www.openwall.com/lists/oss-security/2012/04/30/3

Source: secalert@redhat.com

http://www.openwall.com/lists/oss-security/2012/05/01/3

Source: secalert@redhat.com

http://www.osvdb.org/69887

Source: secalert@redhat.com

http://doc.silverstripe.org/sapphire/en/trunk/changelogs//2.3.10

Source: af854a3a-2127-422b-91ae-364da2661108

http://doc.silverstripe.org/sapphire/en/trunk/changelogs//2.4.4

Source: af854a3a-2127-422b-91ae-364da2661108

http://open.silverstripe.org/changeset/114758

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/42346

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2011/01/03/12

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2012/04/30/1

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2012/04/30/3

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2012/05/01/3

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/69887

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.