Cross-site request forgery (CSRF) vulnerability in the AdminUsers component in WikkaWiki 1.3.1 and 1.3.2 allows remote malicious users to hijack the authentication of administrators for requests that remove arbitrary user accounts via a delete operation, as demonstrated by an {{image}} action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wikkawiki wikkawiki 1.3.2 |
||
wikkawiki wikkawiki 1.3.1 |