Multiple cross-site request forgery (CSRF) vulnerabilities in Pligg before 1.0.3 allow remote attackers to hijack the authentication of administrators for requests that create user accounts or have unspecified other impact.
References
Link | Resource |
---|---|
http://secunia.com/advisories/37349 | Vendor Advisory |
http://holisticinfosec.org/content/view/130/45/ | |
http://www.pligg.com/blog/775/pligg-cms-1-0-3-release/ | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2010-04-21 07:30
Updated : 2010-06-10 21:00
NVD link : CVE-2009-4787
Mitre link : CVE-2009-4787
JSON object : View
CWE
CWE-352
Cross-Site Request Forgery (CSRF)
Products Affected
pligg
- pligg_cms