{"id":"CVE-2016-15009","details":"A vulnerability classified as problematic has been found in OpenACS bug-tracker. Affected is an unknown function of the file lib/nav-bar.adp of the component Search. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The name of the patch is aee43e5714cd8b697355ec3bf83eefee176d3fc3. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-217440.","modified":"2026-03-14T09:18:41.887155Z","published":"2023-01-05T09:15:08.290Z","references":[{"type":"ADVISORY","url":"https://vuldb.com/?ctiid.217440"},{"type":"ADVISORY","url":"https://vuldb.com/?id.217440"},{"type":"FIX","url":"https://github.com/openacs/bug-tracker/commit/aee43e5714cd8b697355ec3bf83eefee176d3fc3"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/openacs/bug-tracker","events":[{"introduced":"0"},{"fixed":"aee43e5714cd8b697355ec3bf83eefee176d3fc3"}]},{"type":"GIT","repo":"https://github.com/openacs/bug-tracker","events":[{"introduced":"0"},{"fixed":"aee43e5714cd8b697355ec3bf83eefee176d3fc3"}]}],"versions":["before-i18n","jcd-merge-post-20040517","jcd-merge-post-20040628","jcd-merge-post-20040724","jcd-merge-post-20050111","jcd-merge-pre-20040517","jcd-merge-pre-20040628","jcd-merge-pre-20040712","jcd-merge-pre-20040724","jcd-merge-pre-20050111","jcd-merge-pre-20050224","openacs-5-0-0a1","openacs-5-0-0a3","openacs-5-0-0a4","openacs-5-0-0b1","openacs-5-1-1-final","openacs-5-1-2-final","openacs-5-1-3-final","openacs-5-2-0a1","openacs-5-6-0b3","post-4-6-4d1-head","post-ora9i-port","pre-4-6-4d1-head","pre-ora9i-port"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"2016-05-25"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-15009.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}