Description

Cross-site request forgery (CSRF) vulnerability in admin.php in Collabtive 0.6.5 allows remote attackers to hijack the authentication of administrators for requests that add administrative users via the edituser action.

Remediation

References

CVE-2010-5285

Related Vulnerabilities

Magento Improper Privilege Management Vulnerability (CVE-2020-9630)

MySQL CVE-2020-14632 Vulnerability (CVE-2020-14632)

MySQL CVE-2020-2627 Vulnerability (CVE-2020-2627)

WordPress Plugin Contact Form Builder-a plugin for creating contact and feedback forms Security Bypass (1.0.7)

Ruby Uncontrolled Resource Consumption Vulnerability (CVE-2018-8777)

Severity

Medium

Classification

CVE-2010-5285 CWE-352

Tags

Missing Update Known Vulnerabilities