Unrated severityNVD Advisory· Published Jan 29, 2014· Updated Jun 16, 2026
CVE-2013-4889
CVE-2013-4889
Description
Multiple cross-site request forgery (CSRF) vulnerabilities in index.php in Digital Signage Xibo 1.4.2 allow remote attackers to hijack the authentication of administrators for requests that (1) add a new administrator via the AddUser action or (2) conduct cross-site scripting (XSS) attacks, as demonstrated by CVE-2013-4888.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:xibosignage:xibo:1.4.2:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:xibosignage:xibo:1.4.2:*:*:*:*:*:*:*
- (no CPE)range: =1.4.2
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.