CVE-2008-7243

Name of the Vulnerable Software and Affected Versions MODx CMS versions 0.9.6.1 through 0.9.6.1p1

Description A cross-site request forgery (CSRF) issue allows remote attackers to hijack the authentication of other users for requests that modify passwords via the "manager/index.php" endpoint. This can lead to unauthorized password changes.

Recommendations For MODx CMS versions 0.9.6.1 through 0.9.6.1p1, consider implementing CSRF tokens or other anti-CSRF measures to prevent unauthorized requests. As a temporary workaround, restrict access to the "manager/index.php" endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.