CVE-2010-2113

Name of the Vulnerable Software and Affected Versions The Uniform Server version 5.6.5

Description The issue concerns multiple cross-site request forgery (CSRF) vulnerabilities. These vulnerabilities allow remote attackers to hijack the authentication of administrators for requests that change passwords. The affected API endpoints include "apsetup.php", "psetup.php", "sslpsetup.php", and "mqsetup.php".

Recommendations For The Uniform Server version 5.6.5, as a temporary workaround, consider restricting access to the affected API endpoints "apsetup.php", "psetup.php", "sslpsetup.php", and "mqsetup.php" to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.