Description

Cross-site request forgery (CSRF) vulnerability in core/ajax/appconfig.php in ownCloud before 4.0.7 allows remote attackers to hijack the authentication of administrators for requests that edit the app configurations.

Remediation

References

CVE-2012-4391

Related Vulnerabilities

PrestaShop Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-5278)

WordPress Plugin WP Doctor Potential Malicious Code (1.7)

MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-8810)

WordPress Plugin Custom Search by BestWebSoft Cross-Site Scripting (1.35)

WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease SQL Injection (4.1.3)

Severity

Medium

Classification

CVE-2012-4391 CWE-352

Tags

Missing Update Known Vulnerabilities