Vulnerability Details CVE-2012-6047
Cross-site request forgery (CSRF) vulnerability in X7 Chat 2.0.5.1 and earlier allows remote attackers to hijack the authentication of administrators for requests that add a user to an arbitrary group via the users page in an adminpanel action to index.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 51.7%
CVSS Severity
CVSS v2 Score 6.8
Products affected by CVE-2012-6047
-
cpe:2.3:a:x7_group:x7_chat:1.0.0b
-
cpe:2.3:a:x7_group:x7_chat:1.1.1b
-
cpe:2.3:a:x7_group:x7_chat:1.1.2b
-
cpe:2.3:a:x7_group:x7_chat:1.2.0b
-
cpe:2.3:a:x7_group:x7_chat:1.3.0b
-
cpe:2.3:a:x7_group:x7_chat:1.3.1b
-
cpe:2.3:a:x7_group:x7_chat:1.3.2b
-
cpe:2.3:a:x7_group:x7_chat:1.3.3b
-
cpe:2.3:a:x7_group:x7_chat:1.3.4b
-
cpe:2.3:a:x7_group:x7_chat:1.3.5b
-
cpe:2.3:a:x7_group:x7_chat:1.3.6
-
cpe:2.3:a:x7_group:x7_chat:2.0.0
-
cpe:2.3:a:x7_group:x7_chat:2.0.2
-
cpe:2.3:a:x7_group:x7_chat:2.0.3
-
cpe:2.3:a:x7_group:x7_chat:2.0.4.4
-
cpe:2.3:a:x7_group:x7_chat:2.0.5.1