Cross site request forgery (csrf)

2009-06-0819:30:00

PRIOn knowledge base

www.prio-n.com

7.7 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.7%

JSON

Cross-site request forgery (CSRF) vulnerability in Dokeos 1.8.5, and possibly earlier, allows remote attackers to hijack the authentication of unspecified victims and add new personal agenda items via unknown vectors.

CPENameOperatorVersion
dokeoseq1.8.5

CPE	Name	Operator	Version
	dokeos	eq	1.8.5

References

holisticinfosec.org/content/view/112/45/

secunia.com/advisories/34879

www.dokeos.com/wiki/index.php/Security

www.securityfocus.com/bid/34928

www.vupen.com/english/advisories/2009/1300