Lucene search
HistoryOct 03, 2022 - 4:21 p.m.
CVE-2010-1732
csrf
vulnerability
zikula application framework
nvd
security
authentication
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
6.9 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
35.7%
Cross-site request forgery (CSRF) vulnerability in the users module in Zikula Application Framework before 1.2.3 allows remote attackers to hijack the authentication of administrators for requests that change the administrator email address (updateemail action).
Affected configurations
Node
zikulazikula_application_frameworkRange≤1.2.2
| CPE | Name | Operator | Version |
|---|---|---|---|
| zikula:zikula_application_framework | zikula zikula application framework | le | 1.2.2 |
Related
cvelist
cvelist
CVE-2010-1732
2022-10-03 16:21:00
prion
prion
Cross site request forgery (csrf)
2010-05-06 12:47:00
nvd
nvd
CVE-2010-1732
2010-05-06 12:47:23
openvas
openvas
Fedora Update for zikula FEDORA-2010-8501
2010-06-11 00:00:00
Fedora Update for zikula FEDORA-2010-8464
2010-06-11 00:00:00
Fedora Update for zikula FEDORA-2010-8501
2010-06-11 00:00:00
fedora
fedora
[SECURITY] Fedora 13 Update: zikula-1.2.3-1.fc13
2010-06-07 22:24:56
[SECURITY] Fedora 12 Update: zikula-1.2.3-1.fc12
2010-06-07 22:19:34
nessus
nessus
Fedora 13 : zikula-1.2.3-1.fc13 (2010-8501)
2010-07-01 00:00:00
Fedora 12 : zikula-1.2.3-1.fc12 (2010-8464)
2010-07-01 00:00:00
htbridge
htbridge
Multiple vulnerabilities in Zikula Application Framework
2010-04-13 00:00:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
6.9 Medium
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
35.7%
Related for CVE-2010-1732