Cross-site request forgery (CSRF) vulnerability in the Users module in Zikula before 1.2.5 allows remote attackers to hijack the authentication of administrators for requests that change account privileges via an edit access_permissions action to index.php.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2011-02-08T21:00:00
Updated: 2011-09-22T09:00:00
Reserved: 2011-01-20T00:00:00
Link: CVE-2011-0535
JSON object: View
NVD Information
Status : Modified
Published: 2011-02-08T22:00:01.213
Modified: 2011-09-22T03:28:25.727
Link: CVE-2011-0535
JSON object: View
Redhat Information
No data.
CWE