Summary
This host is running Pacific Timesheet and is prone to cross-site request forgery vulnerability.
Impact
Successful exploitation will allow attackers to perform unauthorized actions.
Impact Level: Application
Solution
Update to version 6.75 or later.
For updates refer to http://www.pacifictimesheet.com/
Insight
The flaw is due to improper validation of user-supplied input.
A remote attacker could exploit this vulnerability to perform cross-site request forgery by tricking a logged in administrator into visiting a malicious web site or link to perform unauthorized actions.
Affected
Pacific Timesheet version 6.74 build 363.
References
Severity
Classification
-
CVE CVE-2010-2111 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities