CVE-2012-2246

Опубликовано: 24 нояб. 2012

Источник: debian

Описание

Mahara 1.4.x before 1.4.5 and 1.5.x before 1.5.4 allows remote attackers to conduct clickjacking attacks to delete arbitrary users and bypass CSRF protection via account/delete.php.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
mahara	fixed	1.5.1-3		package

Примечания

https://mahara.org/interaction/forum/topic.php?id=493
https://bugs.launchpad.net/mahara/+bug/1057240

Связанные уязвимости

CVE-2012-2246

ubuntu

около 13 лет назад

Mahara 1.4.x before 1.4.5 and 1.5.x before 1.5.4 allows remote attackers to conduct clickjacking attacks to delete arbitrary users and bypass CSRF protection via account/delete.php.

CVE-2012-2246

nvd

около 13 лет назад

Mahara 1.4.x before 1.4.5 and 1.5.x before 1.5.4 allows remote attackers to conduct clickjacking attacks to delete arbitrary users and bypass CSRF protection via account/delete.php.

GHSA-f562-34hv-qg95

github

больше 3 лет назад

Mahara 1.4.x before 1.4.5 and 1.5.x before 1.5.4 allows remote attackers to conduct clickjacking attacks to delete arbitrary users and bypass CSRF protection via account/delete.php.