CSRF in K5n Webcalendar
CVE-2010-0638
Cross-site request forgery (CSRF) vulnerability in WebCalendar 1.2.0 allows remote attackers to hijack the authentication of administrators for requests that change the administrative password via unknown vectors. NOTE: the provenance of…
Vulnerability class: CSRF (Cross-Site Request Forgery)
EPSS: 0.006 (42.9th percentile) — read the EPSS interpretation.
Affected products
- K5n Webcalendar — versions 1.2.0
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)