Описание
Cross-site request forgery (CSRF) vulnerability in the pieforms implementation in Mahara before 1.3.6 allows remote attackers to hijack the authentication of arbitrary users for requests to any form, related to inappropriate regeneration of session keys.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | DNE | |
| devel | not-affected | 1.3.6-1 |
| hardy | DNE | |
| lucid | released | 1.2.4-1ubuntu0.3 |
| maverick | released | 1.2.5-2ubuntu0.2 |
| natty | released | 1.2.7-1ubuntu0.1 |
| upstream | released | 1.3.6 |
Показывать по
Ссылки на источники
6.8 Medium
CVSS2
Связанные уязвимости
Cross-site request forgery (CSRF) vulnerability in the pieforms implementation in Mahara before 1.3.6 allows remote attackers to hijack the authentication of arbitrary users for requests to any form, related to inappropriate regeneration of session keys.
Cross-site request forgery (CSRF) vulnerability in the pieforms implem ...
Cross-site request forgery (CSRF) vulnerability in the pieforms implementation in Mahara before 1.3.6 allows remote attackers to hijack the authentication of arbitrary users for requests to any form, related to inappropriate regeneration of session keys.
6.8 Medium
CVSS2