CVE-2011-0440

Sažetak

Cross-site request forgery (CSRF) vulnerability in Mahara 1.2.x before 1.2.7 and 1.3.x before 1.3.4 allows remote attackers to hijack the authentication of arbitrary users for requests that delete blogs.

Reference

http://mahara.org/interaction/forum/topic.php?id=3206
http://mahara.org/interaction/forum/topic.php?id=3208
http://secunia.com/advisories/43858
http://www.debian.org/security/2011/dsa-2206
http://www.securityfocus.com/bid/47033
https://exchange.xforce.ibmcloud.com/vulnerabilities/66326

CVSS

Base:	5.8
Impact:	4.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:P/A:P

Zadnje važnije ažuriranje

17-08-2017 - 01:33

Objavljeno

28-03-2011 - 16:55