CSRF Vulnerability in WebsiteBaker Affecting Administrators
CVE-2011-2934
8.8HIGH
What is CVE-2011-2934?
A Cross Site Request Forgery vulnerability exists in WebsiteBaker, affecting versions 2.8.1 and earlier. This flaw stems from inadequate confirmation processes for sensitive administrative transactions, allowing malicious actors to exploit this weakness. Attackers could potentially trick administrators into performing actions without their consent, leading to unauthorized changes within the website's management interface.
Affected Version(s)
WebsiteBaker through 2.8.1
References
CVSS V3.1
Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved