Cross-site request forgery (CSRF) vulnerability in the sign-out page in Vanilla 1.1.4 and previous versions allows remote malicious users to hijack the authentication of arbitrary users for requests that trigger a logout via a SignOutNow action to people.php.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
lussumo vanilla 1.0.1 |
||
lussumo vanilla 1.0.2 |
||
lussumo vanilla 0.9.2 |
||
lussumo vanilla 1 |
||
lussumo vanilla 1.1.3 |
||
lussumo vanilla |
||
lussumo vanilla 1.1.1 |
||
lussumo vanilla 1.1.2 |
||
lussumo vanilla 1.0.3 |
||
lussumo vanilla 1.1 |
Vulmon