2 matches found
CVE-2010-5285
CVE-2010-5285 describes a Cross‑Site Request Forgery (CSRF) in Collabtive 0.6.5, affecting admin.php via the edituser action. The vulnerability allows a remote attacker to hijack administrators’ authentication and perform actions that add new administrative users. This is tied to the specific ver...
Collabtive Cross Site Scripting and HTML Injection Vulnerabilities
Collabtive is prone to multiple cross-site scripting vulnerabilities and an HTML-injection vulnerability because it fails to properly sanitize user-supplied input before using it in dynamically generated content. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted...