Multiple cross-site request forgery (CSRF) vulnerabilities in Agile FleetCommander and FleetCommander Kiosk before 4.08 allow remote attackers to hijack the authentication of arbitrary users for requests that modify (1) passwords, (2) accounts, or (3) permissions.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:43
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.kb.cert.org/vuls/id/427547 - US Government Resource | |
References | () http://www.securityfocus.com/bid/56427 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/79854 - |
Information
Published : 2012-11-18 21:55
Updated : 2024-11-21 01:43
NVD link : CVE-2012-4943
Mitre link : CVE-2012-4943
CVE.ORG link : CVE-2012-4943
JSON object : View
Products Affected
agilefleet
- fleetcommander_kiosk
- fleetcommander
CWE
CWE-352
Cross-Site Request Forgery (CSRF)