CVE-2009-1434

by Fred · 30/04/2009

Cross-site request forgery (CSRF) vulnerability in Foswiki before 1.0.5 allows remote attackers to hijack the authentication of arbitrary users for requests that modify pages, change permissions, or change group memberships, as demonstrated by a URL for a (1) save or (2) view script in the SRC attribute of an IMG element, a related issue to CVE-2009-1339.

Date published : 2009-04-30

http://foswiki.org/Support/SecurityAlert-CVE-2009-1434

https://launchpad.net/bugs/cve/2009-1434

CVE-2009-1434

Related

Recent Posts

Categories

Latest CWE

CVE-2009-1434

Share this:

Related

Recent Posts

Categories

Tags

Latest CWE