PT-2006-7342 · Mkportal · Mkportal
Publicado
2006-12-26
·
Atualizado
2018-10-17
·
CVE-2006-6741
CVSS v2.0
5.8
Média
| Vetor | AV:N/AC:M/Au:N/C:N/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
MKPortal (affected versions not specified)
Description:
A cross-site request forgery (CSRF) issue exists in the urlobox component of MKPortal, allowing remote attackers to perform unauthorized actions, such as deleting arbitrary messages, by exploiting the delete operation within an img BBcode tag.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
CSRF
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Mkportal