← back
CVE-2012-1058

CVE-2012-1058

EPSS 0.9%
Cross-site request forgery (CSRF) vulnerability in Flyspray 0.9.9.6 allows remote attackers to hijack the authentication of admins for requests that add admin accounts via an admin.newuser action to index.php.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://osvdb.org/78923http://packetstormsecurity.org/files/109507/Flyspray-0.9.9.6-Cross-Site-Request-Forgery.htmlhttp://secunia.com/advisories/47881https://exchange.xforce.ibmcloud.com/vulnerabilities/73051http://www.exploit-db.com/exploits/18468