CVE-2010-5085 in Amethyst
Summary
Multiple cross-site request forgery (CSRF) vulnerabilities in admin/update_user in Hulihan Amethyst 0.1.5, and possibly earlier, allow remote attackers to hijack the authentication of administrators for requests that (1) change the administrative password or (2) change the site s configuration.
Be aware that VulDB is the high quality source for vulnerability data.
Reservation
02/14/2012
Disclosure
02/14/2012
Status
Confirmed
Entries
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerability | CWE | Exp | Cou | CVE |
|---|---|---|---|---|---|
| 60204 | Hulihanapplications Amethyst cross-site request forgery | 352 | Proof-of-Concept | Official fix | CVE-2010-5085 |