Cross-site request forgery (CSRF) vulnerability in the Change Group Permissions module in CMS Made Simple 1.7.1 and earlier allows remote attackers to hijack the authentication of arbitrary users for requests that make permission modifications.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:19
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/40031 - Vendor Advisory | |
References | () http://security.bkis.com/multiple-vulnerabilities-in-cms-made-simple/ - |
Information
Published : 2010-10-08 21:00
Updated : 2024-11-21 01:19
NVD link : CVE-2010-3883
Mitre link : CVE-2010-3883
CVE.ORG link : CVE-2010-3883
JSON object : View
Products Affected
cmsmadesimple
- cms_made_simple
CWE
CWE-352
Cross-Site Request Forgery (CSRF)