Cross-Site Request Forgery (CSRF) vulnerability in tDiary 2.1.1, and tDiary 2.0.1 and previous versions, allows remote malicious users to conduct actions as another user, and execute commands on the server, via a URL that is activated by the user.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
tdiary tdiary 2.1.1 |
||
tdiary tdiary |