Back to CVE Browser

CVE-2016-1170

HIGH

8.8

CVSS Severity Score

EPSS Score0.0760%

EPSS Percentile21.83th

PublishedApr 6, 2016

Last ModifiedMay 6, 2026

Vulnerability Description

Cross-site request forgery (CSRF) vulnerability in the Casebook plugin before 0.9.4 for baserCMS allows remote attackers to hijack the authentication of administrators.

Affected Platforms (CPE)

📦

Hiniarata

Casebook Plugin

<= 0.9.3

References & Advisories

🔗 http://jvn.jp/en/jp/JVN55801246/index.html

🔗 http://jvndb.jvn.jp/jvndb/JVNDB-2016-000045

🔗 https://hiniarata.jp/news/archives/55

🔗 http://jvn.jp/en/jp/JVN55801246/index.html

🔗 http://jvndb.jvn.jp/jvndb/JVNDB-2016-000045

🔗 https://hiniarata.jp/news/archives/55

Related Vulnerabilities

CVE-2016-11696.1

Cross-site scripting (XSS) vulnerability in the Casebook plugin before 0.9.4 for baserCMS allows remote attackers to inject arbitr...

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust...

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc all...