CVE-2007-0912

Name of the Vulnerable Software and Affected Versions: Jportal versions 2.3.1 and earlier

Description: A Cross-Site Request Forgery (CSRF) issue allows remote attackers to perform privileged actions as administrators. This is achieved by tricking the admin into accessing a URL with modified arguments to "admin/admin.adm.php".

Recommendations: For Jportal versions 2.3.1 and earlier, consider disabling access to the admin/admin.adm.php endpoint until a fix is available. Restrict access to administrative functions to minimize the risk of exploitation. Avoid using modified URLs that could trick administrators into performing unintended actions. At the moment, there is no information about a newer version that contains a fix for this issue.