CVE-2011-2191 in Cherokee
Riassunto
di MITRE
Cross-site request forgery (CSRF) vulnerability in Cherokee-admin in Cherokee before 1.2.99 allows remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences, as demonstrated by a crafted nickname field to vserver/apply.
Be aware that VulDB is the high quality source for vulnerability data.