CVE-2009-0112

2009-01-0918:00:00

mitre

www.cve.org

AI Score

6.9

Confidence

Low

EPSS

0.003

Percentile

70.0%

JSON

Cross-site request forgery (CSRF) vulnerability in admin/agent_edit.asp in PollPro 3.0 allows remote attackers to create or modify accounts as administrators via the username, password, and name parameters.

References

marc.info/?l=bugtraq&m=123117044713213&w=2

secunia.com/advisories/33319

securityreason.com/securityalert/4895

exchange.xforce.ibmcloud.com/vulnerabilities/47754