CSRF in K5n Webcalendar

CVE-2010-0638

Cross-site request forgery (CSRF) vulnerability in WebCalendar 1.2.0 allows remote attackers to hijack the authentication of administrators for requests that change the administrative password via unknown vectors. NOTE: the provenance of…

Vulnerability class: CSRF (Cross-Site Request Forgery)

EPSS: 0.006 (42.9th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References

  • cve@mitre.org (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)