CVE-2012-2380

Currently unrated

Key Information:

Vendor: Apache
Status: Roller
Vendor: CVE Published:; 26 June 2012

Summary

Multiple cross-site request forgery (CSRF) vulnerabilities in the admin/editor console in Apache Roller before 5.0.1 allow remote attackers to hijack the authentication of admins or editors by leveraging the HTTP POST functionality.

References

http://archives.neohapsis.com/archives/fulldisclosure/201...

mailing-listx_refsource_FULLDISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jun 26, 2012