Required CVE Record Information
Description
includes/classes/ia.core.users.php in Subrion CMS 4.0.5 allows remote attackers to conduct PHP Object Injection attacks via crafted serialized data in a salt cookie in a login request.
References 2 Total
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 2 Total
- https://github.com/intelliants/subrion/issues/297 x_transferred
- securityfocus.com: 95688 vdb-entryx_transferred