Cross site request forgery (csrf)

2012-06-2610:23:00

PRIOn knowledge base

www.prio-n.com

7.8 High

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

18.8%

JSON

Multiple cross-site request forgery (CSRF) vulnerabilities in the admin/editor console in Apache Roller before 5.0.1 allow remote attackers to hijack the authentication of admins or editors by leveraging the HTTP POST functionality.

CPENameOperatorVersion
rollereq3.0
rollereq0.9.6
rollereq0.9.5
rollereq4.0.1
rollereq1.1.1
rollereq0.9.6.3
rollereq3.1
rollereq0.9.8.1
rollerle5.0
rollereq0.9.7.1