Cross-site request forgery (CSRF) vulnerability in Microdasys before 3.5.1-B708, as used in Bloxx Web Filtering before 5.0.14 and other products, allows remote attackers to hijack the authentication of arbitrary users for requests that trigger error pages containing XSS sequences, a different vulnerability than CVE-2012-2564.
References
Link | Resource |
---|---|
http://www.kb.cert.org/vuls/id/722963 | US Government Resource |
http://www.kb.cert.org/vuls/id/MAPG-8R9LBY | |
http://www.kb.cert.org/vuls/id/722963 | US Government Resource |
http://www.kb.cert.org/vuls/id/MAPG-8R9LBY |
Configurations
History
21 Nov 2024, 01:40
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.kb.cert.org/vuls/id/722963 - US Government Resource | |
References | () http://www.kb.cert.org/vuls/id/MAPG-8R9LBY - |
Information
Published : 2012-06-09 00:55
Updated : 2024-11-21 01:40
NVD link : CVE-2012-3343
Mitre link : CVE-2012-3343
CVE.ORG link : CVE-2012-3343
JSON object : View
Products Affected
bloxx
- web_filtering
CWE
CWE-352
Cross-Site Request Forgery (CSRF)