Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1721

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-1721
Last Modified 21 Sep 2011 11:30:46
Published 19 Apr 2011 03:55:01
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1721

Summary

Cross-site request forgery (CSRF) vulnerability in php/partie_administrateur/administration.php in WebJaxe 1.02 allows remote attackers to hijack the authentication of administrators for requests that (1) modify passwords or (2) add new projects. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Obspm Webjaxe 1.02


References

XF - webjaxe-administration-csrf(66757)

BUGTRAQ - 20110412 HTB22927: CSRF (Cross-Site Request Forgery) in Webjaxe

MISC - http://www.htbridge.ch/advisory/csrf_cross_site_request_forgery_in_webjaxe.html

SREASON - 8212

SECUNIA - 44118

OSVDB - 71844


Last Updated: 27 May 2016 10:56:24