CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2011-4452

Cross-site request forgery (CSRF) vulnerability in the AdminUsers component in WikkaWiki 1.3.1 and 1.3.2 allows remote attackers to hijack the authentication of administrators for requests that remove arbitrary user accounts via a delete operation, as demonstrated by an {{image}} action.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 34.4%

CVSS Severity

CVSS v2 Score 6.8

References

http://wush.net/trac/wikka/changeset/1819
http://wush.net/trac/wikka/changeset/1832
http://wush.net/trac/wikka/ticket/1097
http://wush.net/trac/wikka/ticket/1098
http://wush.net/trac/wikka/changeset/1819
http://wush.net/trac/wikka/changeset/1832
http://wush.net/trac/wikka/ticket/1097
http://wush.net/trac/wikka/ticket/1098

Products affected by CVE-2011-4452

Wikkawiki » Wikkawiki » Version: 1.3.1

cpe:2.3:a:wikkawiki:wikkawiki:1.3.1
Wikkawiki » Wikkawiki » Version: 1.3.2

cpe:2.3:a:wikkawiki:wikkawiki:1.3.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-4452

Products

Pricing

Contact Us