CVE-2014-125057 LOW

CVE-2014-125057: mrobit robitailletheknot CSRF Token filters.php comparison

Vendor Mrobit
Product robitailletheknot
Weakness CWE-697
Published January 7, 2023
Last update April 9, 2025

CVSS base score

3.1/10
Attack vector Network
Attack complexity High
Privileges required Low
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

A vulnerability was found in mrobit robitailletheknot. It has been classified as problematic. This affects an unknown part of the file app/filters.php of the component CSRF Token Handler. The manipulation of the argument _token leads to incorrect comparison. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The patch is named 6b2813696ccb88d0576dfb305122ee880eb36197. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217599.

Key dates

02Disclosure timeline

January 7, 2023 CVE published
April 9, 2025 Record updated