Cross-site request forgery (CSRF) vulnerability in cal2.jsp in the calendar examples application in Apache Tomcat 4.1.31 allows remote attackers to add events as arbitrary users via the time and description parameters.
References
Configurations
History
21 Nov 2024, 00:36
Type | Values Removed | Values Added |
---|---|---|
References | () http://archives.neohapsis.com/archives/bugtraq/2007-09/0040.html - | |
References | () http://osvdb.org/41029 - | |
References | () http://securityreason.com/securityalert/3094 - | |
References | () http://www.securityfocus.com/archive/1/478491/100/0/threaded - |
Information
Published : 2007-09-05 19:17
Updated : 2024-11-21 00:36
NVD link : CVE-2007-4724
Mitre link : CVE-2007-4724
CVE.ORG link : CVE-2007-4724
JSON object : View
Products Affected
apache
- tomcat
CWE
CWE-352
Cross-Site Request Forgery (CSRF)