Cross-site request forgery (CSRF) vulnerability in the Change Group Permissions module in CMS Made Simple 1.7.1 and earlier allows remote attackers to hijack the authentication of arbitrary users for requests that make permission modifications.
References
Link | Resource |
---|---|
http://secunia.com/advisories/40031 | Vendor Advisory |
http://security.bkis.com/multiple-vulnerabilities-in-cms-made-simple/ |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2010-10-08 21:00
Updated : 2024-02-28 11:41
NVD link : CVE-2010-3883
Mitre link : CVE-2010-3883
CVE.ORG link : CVE-2010-3883
JSON object : View
Products Affected
cmsmadesimple
- cms_made_simple
CWE
CWE-352
Cross-Site Request Forgery (CSRF)