Cross-site request forgery (CSRF) vulnerability in Redback prior to 1.2.4, as used in Apache Archiva 1.0 up to and including 1.0.3, 1.1 up to and including 1.1.4, 1.2 up to and including 1.2.2, and 1.3 up to and including 1.3.1; and Apache Continuum 1.3.6, 1.4.0, and 1.1 up to and including 1.2.3.1; allows remote malicious users to hijack the authentication of administrators for requests that modify credentials.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jesse mcconnell redback |
||
jesse mcconnell redback 1.0 |
||
jesse mcconnell redback 1.0.1 |
||
jesse mcconnell redback 1.0.2 |
||
jesse mcconnell redback 1.0.3 |
||
jesse mcconnell redback 1.1 |
||
jesse mcconnell redback 1.1.1 |
||
jesse mcconnell redback 1.1.2 |
||
jesse mcconnell redback 1.2 |
||
jesse mcconnell redback 1.2.1 |
||
jesse mcconnell redback 1.2.2 |
||
apache archiva 1.0 |
||
apache archiva 1.0.1 |
||
apache archiva 1.0.2 |
||
apache archiva 1.0.3 |
||
apache archiva 1.1 |
||
apache archiva 1.1.1 |
||
apache archiva 1.1.2 |
||
apache archiva 1.1.3 |
||
apache archiva 1.1.4 |
||
apache archiva 1.2 |
||
apache archiva 1.2.1 |
||
apache archiva 1.2.2 |
||
apache archiva 1.3 |
||
apache archiva 1.3.1 |