CVE-2011-5300

2015-01-0111:00:00

mitre

www.cve.org

cross-site request forgery

pommo aardvark

vulnerability

AI Score

7.1

Confidence

Low

EPSS

0.005

Percentile

77.2%

JSON

Cross-site request forgery (CSRF) vulnerability in admin/setup/config/users.php in poMMo Aardvark PR16.1 allows remote attackers to hijack the authentication of administrators for requests that modify credentials via certain admin_ parameters.

References

www.htbridge.com/advisory/HTB22976