Cross-site request forgery (CSRF) vulnerability in Invision Gallery before 1.3.1 allows remote attackers to delete albums and images as another user via a link or IMG tag to the (1) albums or (2) delimg actions.
References
Link | Resource |
---|---|
http://marc.info/?l=bugtraq&m=111834146710329&w=2 | Mailing List |
http://www.gulftech.org/?node=research&article_id=00079-06092005 | Broken Link Exploit Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2005-06-14T04:00:00
Updated: 2016-10-17T13:57:01
Reserved: 2005-06-14T00:00:00
Link: CVE-2005-1947
JSON object: View
NVD Information
Status : Analyzed
Published: 2005-06-09T04:00:00.000
Modified: 2024-02-08T20:44:52.573
Link: CVE-2005-1947
JSON object: View
Redhat Information
No data.
CWE