PT-2010-3404 · Google+1 · Google Chrome+1
Publicado
2010-09-24
·
Atualizado
2017-09-19
·
CVE-2010-1767
CVSS v2.0
6.8
Média
| Vetor | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
WebKit versions before r57041
Google Chrome versions before 4.1.249.1059
Description
A cross-site request forgery (CSRF) issue exists, allowing remote attackers to hijack the authentication of victims via a crafted synchronous preflight XMLHttpRequest operation.
Recommendations
For WebKit versions before r57041, update to version r57041 or later.
For Google Chrome versions before 4.1.249.1059, update to version 4.1.249.1059 or later.
Correção
CSRF
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Google Chrome
Webkit