The check_referer() function in Formmail.php 5.0 and earlier allows remote attackers to bypass access restrictions via an empty or spoofed HTTP Referer, as demonstrated using an application on the same web server that contains a cross-site scripting (XSS) issue.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2004-03-18T05:00:00
Updated: 2017-07-10T14:57:01
Reserved: 2004-03-17T00:00:00
Link: CVE-2004-0259
JSON object: View
NVD Information
Status : Modified
Published: 2004-11-23T05:00:00.000
Modified: 2017-07-11T01:30:01.087
Link: CVE-2004-0259
JSON object: View
Redhat Information
No data.
CWE