CVE-2011-0535 in Application Frameworkinfo

Summary

Cross-site request forgery (CSRF) vulnerability in the Users module in Zikula before 1.2.5 allows remote attackers to hijack the authentication of administrators for requests that change account privileges via an edit access_permissions action to index.php.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

01/20/2011

Disclosure

02/08/2011

CPE

ready

Exploit

Download

CVSS

6.3

EPSS

0.00499

Activities

Very Low

Sources

MITREhttps://www.cve.org/CVERecord?id=CVE-2011-0535
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2011-0535
CVE Detailshttps://www.cvedetails.com/cve/CVE-2011-0535/

PreviousOverviewNext