Cross-site request forgery (CSRF) vulnerability in Dokeos 1.8.5, and possibly earlier, allows remote attackers to hijack the authentication of unspecified victims and add new personal agenda items via unknown vectors.
References
Link | Resource |
---|---|
http://holisticinfosec.org/content/view/112/45/ | |
http://secunia.com/advisories/34879 | Vendor Advisory |
http://www.dokeos.com/wiki/index.php/Security#Dokeos_1.8 | Exploit Patch |
http://www.securityfocus.com/bid/34928 | |
http://www.vupen.com/english/advisories/2009/1300 | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:24:07
Updated: 2022-10-03T16:24:07
Reserved: 2022-10-03T00:00:00
Link: CVE-2009-2005
JSON object: View
NVD Information
Status : Analyzed
Published: 2009-06-08T19:30:00.377
Modified: 2009-06-09T04:00:00.000
Link: CVE-2009-2005
JSON object: View
Redhat Information
No data.
CWE