Cross-site request forgery (CSRF) vulnerability in Redback prior to 1.2.4, as used in Apache Archiva 1.0 up to and including 1.0.3, 1.1 up to and including 1.1.4, 1.2 up to and including 1.2.2, and 1.3 up to and including 1.3.1; and Apache Continuum 1.3.6, 1.4.0, and 1.1 up to and including 1.2.3.1; allows remote malicious users to hijack the authentication of administrators for requests that modify credentials.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jesse_mcconnell redback |
||
jesse_mcconnell redback 1.0 |
||
jesse_mcconnell redback 1.0.1 |
||
jesse_mcconnell redback 1.0.2 |
||
jesse_mcconnell redback 1.0.3 |
||
jesse_mcconnell redback 1.1 |
||
jesse_mcconnell redback 1.1.1 |
||
jesse_mcconnell redback 1.1.2 |
||
jesse_mcconnell redback 1.2 |
||
jesse_mcconnell redback 1.2.1 |
||
jesse_mcconnell redback 1.2.2 |
||
apache archiva 1.0 |
||
apache archiva 1.0.1 |
||
apache archiva 1.0.2 |
||
apache archiva 1.0.3 |
||
apache archiva 1.1 |
||
apache archiva 1.1.1 |
||
apache archiva 1.1.2 |
||
apache archiva 1.1.3 |
||
apache archiva 1.1.4 |
||
apache archiva 1.2 |
||
apache archiva 1.2.1 |
||
apache archiva 1.2.2 |
||
apache archiva 1.3 |
||
apache archiva 1.3.1 |