CVE-2012-1897

Name of the Vulnerable Software and Affected Versions Wolf CMS versions 0.75 and earlier

Description The issue allows remote attackers to hijack the authentication of administrators for various requests. This includes deleting users via the user id number to "admin/user/delete", deleting pages via the page id number to "admin/page/delete", deleting the images or themes directory via the directory name to "admin/plugin/file manager/delete", and possibly other directories, as well as logging out the user via a request to "admin/login/logout".

Recommendations For Wolf CMS versions 0.75 and earlier, update to a version later than 0.75 to resolve the issue. As a temporary workaround, consider restricting access to the "admin/user/delete", "admin/page/delete", "admin/plugin/file manager/delete", and "admin/login/logout" endpoints until a patch is available. Avoid using the user id and page id parameters in the affected API endpoints, and restrict directory deletion via the directory name parameter in the "admin/plugin/file manager/delete" endpoint until the issue is resolved.