Описание
Cross-site request forgery (CSRF) vulnerability in WebCalendar 1.2.0 allows remote attackers to hijack the authentication of administrators for requests that change the administrative password via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | DNE | pulled 2010-07-27 |
| hardy | ignored | end of life |
| intrepid | ignored | end of life, was needs-triage |
| jaunty | ignored | end of life |
| karmic | ignored | end of life |
| lucid | ignored | end of life |
| maverick | DNE | pulled 2010-07-27 |
| natty | DNE | pulled 2010-07-27 |
| oneiric | DNE | pulled 2010-07-27 |
Показывать по
Ссылки на источники
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
Cross-site request forgery (CSRF) vulnerability in WebCalendar 1.2.0 allows remote attackers to hijack the authentication of administrators for requests that change the administrative password via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Cross-site request forgery (CSRF) vulnerability in WebCalendar 1.2.0 a ...
Cross-site request forgery (CSRF) vulnerability in WebCalendar 1.2.0 allows remote attackers to hijack the authentication of administrators for requests that change the administrative password via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
EPSS
6.8 Medium
CVSS2