oss-sec mailing list archives
Re: CVE request: Simple Machines Forum (SMF) <= 2.0.5 - multiple vulnerabilities
From: Henri Salo <henri () nerv fi>
Date: Wed, 25 Sep 2013 19:45:47 +0300
On Wed, Sep 25, 2013 at 02:33:14PM +0000, Moritz Naumann wrote:
This CSRF doesn't work for me on two 2.0.4 installations I tested on.
You are correct.
Both return Unable to verify referring url. Please go back and try again.
Actual error message for me: "Your session timed out while posting. Please go back and try again." I'm really sorry about this. I even tested using different computer so I don't know what I previously did wrong/different. Thank you for correcting this. --- Henri Salo
Attachment:
signature.asc
Description: Digital signature
Current thread:
- CVE request: Simple Machines Forum (SMF) <= 2.0.5 - multiple vulnerabilities Henri Salo (Sep 15)
- Re: CVE request: Simple Machines Forum (SMF) <= 2.0.5 - multiple vulnerabilities Kurt Seifried (Sep 16)
- Re: CVE request: Simple Machines Forum (SMF) <= 2.0.5 - multiple vulnerabilities Henri Salo (Sep 24)
- Re: CVE request: Simple Machines Forum (SMF) <= 2.0.5 - multiple vulnerabilities Moritz Naumann (Sep 25)
- Re: CVE request: Simple Machines Forum (SMF) <= 2.0.5 - multiple vulnerabilities Henri Salo (Sep 25)
- Re: CVE request: Simple Machines Forum (SMF) <= 2.0.5 - multiple vulnerabilities Kurt Seifried (Sep 25)
- Re: CVE request: Simple Machines Forum (SMF) <= 2.0.5 - multiple vulnerabilities Henri Salo (Sep 25)
- Re: CVE request: Simple Machines Forum (SMF) <= 2.0.5 - multiple vulnerabilities Henri Salo (Sep 24)
- Re: CVE request: Simple Machines Forum (SMF) <= 2.0.5 - multiple vulnerabilities Kurt Seifried (Sep 16)