CVE-2011-5316

2015-01-0111:00:00

mitre

www.cve.org

cve-2011-5316

csrf

admin/index.php

cambio 0.5a nightly r37

hijack authentication

modify credentials

user save action

AI Score

Confidence

Low

EPSS

0.005

Percentile

77.2%

JSON

Cross-site request forgery (CSRF) vulnerability in admin/index.php in Cambio 0.5a nightly r37 allows remote attackers to hijack the authentication of administrators for requests that modify credentials via a user save action.

References

www.htbridge.com/advisory/HTB22768