Description

Cross-site request forgery (CSRF) vulnerability in cal2.jsp in the calendar examples application in Apache Tomcat 4.1.31 allows remote attackers to add events as arbitrary users via the time and description parameters.

Remediation

References

CVE-2007-4724

Related Vulnerabilities

WordPress Plugin Easy Social Feed-Social Photos Gallery-Post Feed-Like Box Cross-Site Scripting (6.2.6)

Dolibarr Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-14240)

WordPress Plugin YOP Poll Multiple Cross-Site Scripting Vulnerabilities (6.3.0)

Sqlite Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-6607)

Oracle Database Server CVE-2009-1965 Vulnerability (CVE-2009-1965)

Severity

Medium

Classification

CVE-2007-4724 CWE-352

Tags

Missing Update Known Vulnerabilities