Cross-site request forgery (CSRF) vulnerability in Redback before 1.2.4, as used in Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through 1.2.2, and 1.3 through 1.3.1; and Apache Continuum 1.3.6, 1.4.0, and 1.1 through 1.2.3.1; allows remote attackers to hijack the authentication of administrators for requests that modify credentials.
References
Configurations
Configuration 1 (hide)
AND |
|
History
07 Nov 2023, 02:05
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2010-12-06 20:13
Updated : 2024-02-28 11:41
NVD link : CVE-2010-3449
Mitre link : CVE-2010-3449
CVE.ORG link : CVE-2010-3449
JSON object : View
Products Affected
jesse_mcconnell
- redback
apache
- archiva
CWE
CWE-352
Cross-Site Request Forgery (CSRF)