Cross-site request forgery (CSRF) vulnerability in SKYARC MTCMS prior to 5.252, and the MultiFileUploader 0.44 and previous versions, DuplicateEntry 1.2 and previous versions, MailPack 1.741 and previous versions, and AutoTagging 0.08 and previous versions plugins for Movable Type, allows remote malicious users to hijack the authentication of arbitrary users for requests that modify data.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
skyarc mtcms 5.251 |
||
skyarc mtcms 5.25 |
||
skyarc mtcms 5.24 |
||
skyarc mtcms 5.21 |
||
skyarc multifileuploader |
||
skyarc mtcms |
||
skyarc mailpack |
||
skyarc autotagging |
||
skyarc mtcms 5.23 |
||
skyarc mtcms 5.22 |
||
skyarc mtcms 5.2 |
||
skyarc duplicateentry |