Multiple cross-site request forgery (CSRF) vulnerabilities in admin/update_user in Hulihan Amethyst 0.1.5, and possibly earlier, allow remote attackers to hijack the authentication of administrators for requests that (1) change the administrative password or (2) change the site's configuration.
References
Configurations
History
No history.
Information
Published : 2012-02-14 20:55
Updated : 2024-02-28 11:41
NVD link : CVE-2010-5085
Mitre link : CVE-2010-5085
CVE.ORG link : CVE-2010-5085
JSON object : View
Products Affected
hulihanapplications
- amethyst
CWE
CWE-352
Cross-Site Request Forgery (CSRF)