CVE-2012-4002

CVE-2012-4002

EPSS 1.0%

Cross-site request forgery (CSRF) vulnerability in GLPI-PROJECT GLPI before 0.83.3 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://forge.indepnet.net/issues/3704 https://forge.indepnet.net/issues/3707 https://forge.indepnet.net/projects/glpi/versions/771 http://www.mandriva.com/security/advisories?name=MDVSA-2012:132 http://www.openwall.com/lists/oss-security/2012/07/13/1