SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.
SERVER-WEBAPP Wordpress Press-This cross site request forgery attempt
In WordPress before 4.7.3, there is cross-site request forgery (CSRF) in Press This (wp-admin/includes/class-wp-press-this.php), leading to excessive use of server resources. The CSRF can trigger an outbound HTTP request for a large file that is then parsed by Press This. Impact: CVSS base score 6.5 CVSS impact score 3.6 CVSS exploitability score 2.8 confidentialityImpact NONE integrityImpact NONE availabilityImpact NONE Details: Ease of Attack:
No information provided
No public information
No known false positives
Talos research team. This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology. For more information see [nvd].
No rule groups
CVE-2017-6819 |
Loading description
|