CSRF in Novell Suse_lifecycle_management_server
CVE-2010-1325
Cross-site request forgery (CSRF) vulnerability in the apache2-slms package in SUSE Lifecycle Management Server (SLMS) 1.0 on SUSE Linux Enterprise (SLE) 11 allows remote attackers to hijack the authentication of unspecified victims via ve…
Vulnerability class: CSRF (Cross-Site Request Forgery)
EPSS: 0.002 (40.6th percentile) — read the EPSS interpretation.
Affected products
- Novell Suse_lifecycle_management_server — versions 1.0
- Novell Suse_linux — versions 11
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_CONFIRM)
- 42121 (vdb-entry, x_refsource_BID)
- SUSE-SR:2010:014 (vendor-advisory, x_refsource_SUSE)
- cve@mitre.org (x_refsource_CONFIRM)
- apacheslms-quoting-csrf(61006) (vdb-entry, x_refsource_XF)