PT-2010-3216 · Dfd · Dfd Cart

Publicado

2010-04-26

·

Atualizado

2010-04-27

·

CVE-2010-1542

CVSS v2.0

6.8

Média

VetorAV:N/AC:M/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions DFD Cart versions 1.198 and earlier
Description The issue allows remote attackers to hijack the authentication of administrators for requests, potentially leading to cross-site scripting (XSS) attacks or changes to unspecified settings.
Recommendations For DFD Cart versions 1.198 and earlier, update to a version that contains a fix for this issue.

Correção

CSRF

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-352

Identificadores relacionados

CVE-2010-1542

Produtos afetados

Dfd Cart