Cross-site request forgery (CSRF) vulnerability in the mycalendar plugin before 0.13 for Serendipity allows remote attackers to perform actions as blog administrators, which can be leveraged to conduct cross-site scripting (XSS) attacks on the blog page.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2007-12-17T18:00:00
Updated: 2007-12-25T10:00:00
Reserved: 2007-12-17T00:00:00
Link: CVE-2007-6390
JSON object: View
NVD Information
Status : Analyzed
Published: 2007-12-17T18:46:00.000
Modified: 2008-09-05T21:33:07.580
Link: CVE-2007-6390
JSON object: View
Redhat Information
No data.
CWE