VYPR
High severity8.8NVD Advisory· Published Oct 6, 2017· Updated Jun 17, 2026

CVE-2017-15063

CVE-2017-15063

Description

There are CSRF vulnerabilities in Subrion CMS 4.1.x through 4.1.5, and before 4.2.0, because of a logic error. Although there is functionality to detect CSRF, it is called too late in the ia.core.php code, allowing (for example) an attack against the query parameter to panel/database.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
intelliants/subrionPackagist
>= 4.1, < 4.2.04.2.0

Affected products

2

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.