Lucene search
Ubuntu.comUB:CVE-2012-2246HistoryNov 24, 2012 - 12:00 a.m.
CVE-2012-2246
2012-11-2400:00:00
ubuntu.com
ubuntu.com
7
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.006
Percentile
79.3%
Mahara 1.4.x before 1.4.5 and 1.5.x before 1.5.4 allows remote attackers to
conduct clickjacking attacks to delete arbitrary users and bypass CSRF
protection via account/delete.php.
References
Related
cve
cve
CVE-2012-2246
2012-11-24 20:55:02
nvd
nvd
CVE-2012-2246
2012-11-24 20:55:02
prion
prion
Cross site request forgery (csrf)
2012-11-24 20:55:00
cvelist
cvelist
CVE-2012-2246
2012-11-24 20:00:00
openvas
openvas
Debian Security Advisory DSA 2591-1 (mahara - several vulnerabilities)
2013-09-18 00:00:00
Debian: Security Advisory (DSA-2591-1)
2013-09-18 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2591-1] mahara security update
2013-01-02 00:00:00
nessus
nessus
Debian DSA-2591-1 : mahara - several vulnerabilities
2012-12-28 00:00:00
debian
debian
[SECURITY] [DSA 2591-1] mahara security update
2012-12-28 01:08:41
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS
0.006
Percentile
79.3%
Related for UB:CVE-2012-2246