Description

Cross-site request forgery (CSRF) vulnerability in logout.action in Atlassian Confluence 3.4.6 allows remote attackers to hijack the authentication of administrators for requests that logout the user via a comment.

Remediation

References

CVE-2012-6342

Related Vulnerabilities

Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-2986)

WordPress Plugin 10Web Map Builder for Google Maps Cross-Site Scripting (1.0.69)

WordPress Plugin UpiCRM-Free WordPress CRM and Lead Management Information Disclosure (2.1.8.5)

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2009-0500)

WordPress 4.4.x Directory Traversal (4.4 - 4.4.32)

Severity

Medium

Classification

CVE-2012-6342 CWE-352

Tags

Missing Update Known Vulnerabilities