Lucene search

K

MitreCVELIST:CVE-2009-3248

HistorySep 18, 2009 - 8:00 p.m.

CVE-2009-3248

2009-09-1820:00:00

mitre

www.cve.org

6

AI Score

7.1

Confidence

Low

EPSS

0.032

Percentile

91.2%

Cross-site request forgery (CSRF) vulnerability in the RSS module in vtiger CRM 5.0.4 allows remote attackers to hijack the authentication of Admin users for requests that modify the news feed system via the rssurl parameter in a Save action to index.php.

References

marc.info/?l=bugtraq&m=125060676515670&w=2

secunia.com/advisories/36309

www.exploit-db.com/exploits/9450

www.osvdb.org/57238

www.securityfocus.com/bid/36062

www.ush.it/2009/08/18/vtiger-crm-504-multiple-vulnerabilities/

www.ush.it/team/ush/hack-vtigercrm_504/vtigercrm_504.txt

www.vupen.com/english/advisories/2009/2319

AI Score

7.1

Confidence

Low

EPSS

0.032

Percentile

91.2%

Related for CVELIST:CVE-2009-3248

prion1 cve1 nvd1 exploitdb1