Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2011-1403
HistoryMay 13, 2011 - 10:55 p.m.

CVE-2011-1403

2011-05-1322:55:01
CWE-352
mitre
web.nvd.nist.gov
45
csrf
vulnerability
mahara
security
csrf vulnerability
nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.1

Confidence

Low

EPSS

0.003

Percentile

69.8%

JSON

Cross-site request forgery (CSRF) vulnerability in the pieforms implementation in Mahara before 1.3.6 allows remote attackers to hijack the authentication of arbitrary users for requests to any form, related to inappropriate regeneration of session keys.

Affected configurations

Nvd
Node
maharamaharaRange1.3.5
OR
maharamaharaMatch0.9.0
OR
maharamaharaMatch0.9.1
OR
maharamaharaMatch0.9.2
OR
maharamaharaMatch1.0.0
OR
maharamaharaMatch1.0.1
OR
maharamaharaMatch1.0.2
OR
maharamaharaMatch1.0.3
OR
maharamaharaMatch1.0.4
OR
maharamaharaMatch1.0.5
OR
maharamaharaMatch1.0.6
OR
maharamaharaMatch1.0.7
OR
maharamaharaMatch1.0.8
OR
maharamaharaMatch1.0.9
OR
maharamaharaMatch1.0.10
OR
maharamaharaMatch1.0.11
OR
maharamaharaMatch1.0.12
OR
maharamaharaMatch1.0.13
OR
maharamaharaMatch1.0.14
OR
maharamaharaMatch1.0.15
OR
maharamaharaMatch1.1
OR
maharamaharaMatch1.1.0
OR
maharamaharaMatch1.1.0alpha1
OR
maharamaharaMatch1.1.0alpha2
OR
maharamaharaMatch1.1.0alpha3
OR
maharamaharaMatch1.1.0beta1
OR
maharamaharaMatch1.1.0beta2
OR
maharamaharaMatch1.1.0beta3
OR
maharamaharaMatch1.1.0beta4
OR
maharamaharaMatch1.1.0rc1
OR
maharamaharaMatch1.1.0rc2
OR
maharamaharaMatch1.1.1
OR
maharamaharaMatch1.1.2
OR
maharamaharaMatch1.1.3
OR
maharamaharaMatch1.1.4
OR
maharamaharaMatch1.1.5
OR
maharamaharaMatch1.1.6
OR
maharamaharaMatch1.1.7
OR
maharamaharaMatch1.1.8
OR
maharamaharaMatch1.1.9
OR
maharamaharaMatch1.2.0
OR
maharamaharaMatch1.2.0alpha1
OR
maharamaharaMatch1.2.0alpha2
OR
maharamaharaMatch1.2.0alpha3
OR
maharamaharaMatch1.2.0beta1
OR
maharamaharaMatch1.2.0beta2
OR
maharamaharaMatch1.2.0beta3
OR
maharamaharaMatch1.2.0beta4
OR
maharamaharaMatch1.2.0rc1
OR
maharamaharaMatch1.2.1
OR
maharamaharaMatch1.2.2
OR
maharamaharaMatch1.2.3
OR
maharamaharaMatch1.2.4
OR
maharamaharaMatch1.2.5
OR
maharamaharaMatch1.2.6
OR
maharamaharaMatch1.3.0
OR
maharamaharaMatch1.3.0beta1
OR
maharamaharaMatch1.3.0beta2
OR
maharamaharaMatch1.3.0beta3
OR
maharamaharaMatch1.3.0beta4
OR
maharamaharaMatch1.3.0rc1
OR
maharamaharaMatch1.3.1
OR
maharamaharaMatch1.3.2
OR
maharamaharaMatch1.3.3
OR
maharamaharaMatch1.3.4
VendorProductVersionCPE
maharamahara*cpe:2.3:a:mahara:mahara:*:*:*:*:*:*:*:*
maharamahara0.9.0cpe:2.3:a:mahara:mahara:0.9.0:*:*:*:*:*:*:*
maharamahara0.9.1cpe:2.3:a:mahara:mahara:0.9.1:*:*:*:*:*:*:*
maharamahara0.9.2cpe:2.3:a:mahara:mahara:0.9.2:*:*:*:*:*:*:*
maharamahara1.0.0cpe:2.3:a:mahara:mahara:1.0.0:*:*:*:*:*:*:*
maharamahara1.0.1cpe:2.3:a:mahara:mahara:1.0.1:*:*:*:*:*:*:*
maharamahara1.0.2cpe:2.3:a:mahara:mahara:1.0.2:*:*:*:*:*:*:*
maharamahara1.0.3cpe:2.3:a:mahara:mahara:1.0.3:*:*:*:*:*:*:*
maharamahara1.0.4cpe:2.3:a:mahara:mahara:1.0.4:*:*:*:*:*:*:*
maharamahara1.0.5cpe:2.3:a:mahara:mahara:1.0.5:*:*:*:*:*:*:*
Rows per page:
1-10 of 651

Related

prion 1
cvelist 1
ubuntucve 1
nvd 1
openvas 4
debian 2
osv 1
nessus 1
securityvulns 2
prion
prion
Cross site request forgery (csrf)
2011-05-13 22:55:00
cvelist
cvelist
CVE-2011-1403
2011-05-13 22:00:00
ubuntucve
ubuntucve
CVE-2011-1403
2011-05-13 00:00:00
nvd
nvd
CVE-2011-1403
2011-05-13 22:55:01
openvas
openvas
Debian: Security Advisory (DSA-2246-1)
2011-08-03 00:00:00
Mahara Multiple Remote Vulnerabilities
2011-05-23 00:00:00
Debian Security Advisory DSA 2246-1 (mahara)
2011-08-03 00:00:00
debian
debian
[SECURITY] [DSA 2246-1] mahara security update
2011-05-29 11:48:28
[SECURITY] [DSA 2246-1] mahara security update
2011-05-29 11:48:28
osv
osv
mahara - several vulnerabilities
2011-05-29 00:00:00
nessus
nessus
Debian DSA-2246-1 : mahara - several vulnerabilities
2011-06-10 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2246-1] mahara security update
2011-05-30 00:00:00
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2011-06-02 00:00:00

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.1

Confidence

Low

EPSS

0.003

Percentile

69.8%

JSON
Related for CVE-2011-1403
prion1cvelist1ubuntucve1nvd1openvas4debian2osv1nessus1securityvulns2