Description

Cross-site request forgery (CSRF) vulnerability in logout.action in Atlassian Confluence 3.4.6 allows remote attackers to hijack the authentication of administrators for requests that logout the user via a comment.

Remediation

References

CVE-2012-6342

Related Vulnerabilities

WordPress Plugin UsersWP-Front-end login form, User Registration, User Profile & Members Directory for WP Security Bypass (1.2.3)

WordPress Plugin Add Social Share Messenger Buttons Whatsapp and Viber Cross-Site Request Forgery (1.0.8)

WordPress 5.7.x Multiple Vulnerabilities (5.7 - 5.7.4)

CubeCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20703)

WordPress Plugin Classified Listing-Classified ads & Business Directory Cross-Site Scripting (2.2.13)

Severity

Medium

Classification

CVE-2012-6342 CWE-352

Tags

Missing Update Known Vulnerabilities