Description

Cross-site request forgery (CSRF) vulnerability in core/ajax/appconfig.php in ownCloud before 4.0.7 allows remote attackers to hijack the authentication of administrators for requests that edit the app configurations.

Remediation

References

CVE-2012-4391

Related Vulnerabilities

Mailman Other Vulnerability (CVE-2001-1132)

Wordpress Plugin Backup Migration Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2023-7002)

Moodle Improper Input Validation Vulnerability (CVE-2018-1137)

PHP multipart/form-data denial of service

WordPress Plugin User Profile Builder-Beautiful User Registration Forms, User Profiles & User Role Editor Privilege Escalation (2.4.0)

Severity

Medium

Classification

CVE-2012-4391 CWE-352

Tags

Missing Update Known Vulnerabilities