Summary
The host is running Foswiki and is prone to a cross-site request forgery (CSRF) vulnerability.
Impact
Successful exploitation will allow an attacker to gain administrative privileges on the target application and to carry out a CSRF attack.
Impact Level: Application
Solution
Upgrade to version 1.0.5 or later:
http://foswiki.org/Download
Insight
The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests.
Affected
Foswiki versions prior to 1.0.5
References
Updated on 2015-03-25
Severity
Classification
- CVE: CVE-2009-1434
- CVSS Base Score: 6.8
- CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P