CVE-2011-1954

Name of the Vulnerable Software and Affected Versions Post Revolution versions 0.8.0c-2 and earlier

Description The issue allows remote attackers to hijack the authentication of arbitrary users for requests to specific API endpoints, including "ajax-weblog-guardar.php", "verpost.php", "comments.php", and "perfil.php".

Recommendations For Post Revolution versions 0.8.0c-2 and earlier, as a temporary workaround, consider restricting access to the affected API endpoints until a patch is available. Avoid using the affected endpoints in "ajax-weblog-guardar.php", "verpost.php", "comments.php", and "perfil.php" to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.