Foswiki Cross-Site Request Forgery Vulnerability Network Vulnerability

Summary

The host is running Foswiki and is prone to Cross-Site Request Forgery Vulnerability.

Impact

Successful exploitation will allow attacker to gain administrative privileges on the target application and can cause CSRF attack. Impact Level: Application

Solution

Upgrade to version 1.0.5 or later, http://foswiki.org/Download

Insight

An application allowing users to perform certain actions via HTTP requests without performing any validity checks to verify the requests.

Affected

Foswiki version prior to 1.0.5

References

http://foswiki.org/Support/SecurityAlert-CVE-2009-1434
http://secunia.com/advisories/34863

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-1434

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

7Media Web Solutions EduTrac Directory Traversal Vulnerability
Apache Archiva Cross Site Request Forgery Vulnerability
Apache Web Server ETag Header Information Disclosure Weakness
appRain CMF 'uploadify.php' Remote Arbitrary File Upload Vulnerability
A4Desk Event Calendar 'eventid' Parameter SQL Injection Vulnerability

Take action and discover your vulnerabilities