CVE-2008-7243

Sažetak

Cross-site request forgery (CSRF) vulnerability in page 34 in MODx CMS 0.9.6.1 and 0.9.6.1p1 allows remote attackers to hijack the authentication of other users for requests that modify passwords via manager/index.php. NOTE: due to the lack of details, it is not clear whether this is related to CVE-2008-5941.

Reference

http://secunia.com/advisories/28840
http://www.securityfocus.com/archive/1/487696/100/200/threaded
http://www.securityfocus.com/bid/27672
https://exchange.xforce.ibmcloud.com/vulnerabilities/40378

CVSS

Base:	6.8
Impact:	6.4
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

11-10-2018 - 20:58

Objavljeno

17-09-2009 - 18:30