CVE-2017-20065

Supsystic Popup Plugin cross-site request forgery

CVSS 4.3 MEDIUMEPSS 0.7%CWE-352

A vulnerability was found in Supsystic Popup Plugin 1.7.6 and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Affected products

Supsystic · Popup Plugin

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://seclists.org/fulldisclosure/2017/Feb/97 https://map.httpcs.com/alert/284665 https://vuldb.com/?id.97385 https://www.exploit-db.com/exploits/41485/