Description
Cross-site request forgery (CSRF) vulnerability in logout.action in Atlassian Confluence 3.4.6 allows remote attackers to hijack the authentication of administrators for requests that logout the user via a comment.
Remediation
References
Related Vulnerabilities
ownCloud Improper Authentication Vulnerability (CVE-2012-4392)
Jboss EAP Incorrect Authorization Vulnerability (CVE-2022-0866)
Joomla! Core 3.0.x Information Disclosure (3.0.0 - 3.0.2)
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-1862)
WordPress 2.6.1 Lost Password SQL Column Truncation Unauthorized Access Vulnerability (0.71 - 2.6.1)