First published: Mon Oct 22 2012(Updated: )
Multiple cross-site request forgery (CSRF) vulnerabilities in Subrion CMS before 2.2.3 allow remote attackers to hijack the authentication of administrators for requests that add, delete, or modify sensitive information, as demonstrated by adding an administrator account via an add action to admin/accounts/add/.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Intelliants Subrion CMS | <=2.2.2 | |
Intelliants Subrion CMS | =2.0.4 | |
Intelliants Subrion CMS | =2.2.0 | |
Intelliants Subrion CMS | =2.2.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.