Cross-Site Request Forgery Vulnerability in Apache Roller by Apache
CVE-2012-2380
Currently unrated
What is CVE-2012-2380?
Apache Roller is affected by multiple security weaknesses that permit cross-site request forgery (CSRF) attacks against the admin and editor consoles. These vulnerabilities allow malicious actors to exploit the HTTP POST functionality, leading to the potential hijacking of authenticated sessions for administrators or editors. This compromise of user authentication can have significant ramifications on the integrity of the application and the safety of its users.