Multiple cross-site request forgery (CSRF) vulnerabilities in mvnForum before 1.2.1 GA allow remote attackers to (1) create forums, (2) change account privileges, (3) enable accounts, or (4) disable accounts as a product administrator via unspecified vectors, possibly related to HTTP Referer headers.
References
Configurations
Configuration 1 (hide)
|
History
14 Feb 2024, 01:17
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.mvnforum.com/mvnforum/viewthread_thread%2C4361 - URL Repurposed |
07 Nov 2023, 02:03
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2008-12-10 06:44
Updated : 2024-02-28 11:21
NVD link : CVE-2008-5400
Mitre link : CVE-2008-5400
CVE.ORG link : CVE-2008-5400
JSON object : View
Products Affected
mvnforum
- mvnforum
CWE
CWE-352
Cross-Site Request Forgery (CSRF)