Description

Cross-site request forgery (CSRF) vulnerability in admin.php in Collabtive 0.6.5 allows remote attackers to hijack the authentication of administrators for requests that add administrative users via the edituser action.

Remediation

References

CVE-2010-5285

Related Vulnerabilities

WordPress Plugin wpForo Forum SQL Injection (2.3.3)

Drupal Improper Removal of Sensitive Information Before Storage or Transfer Vulnerability (CVE-2022-31042)

Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23126)

LimeSurvey Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16178)

ownCloud Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-2397)

Severity

Medium

Classification

CVE-2010-5285 CWE-352

Tags

Missing Update Known Vulnerabilities