CVE-2013-2653

Publication date

2013-11-13 00:00:00

Family

mitre

State

PUBLISHED

Description

security/MemberLoginForm.php in SilverStripe 3.0.3 supports login using a GET request, which makes it easier for remote attackers to conduct phishing attacks without detection by the victim.