Description

Cross-site request forgery (CSRF) vulnerability in core/ajax/appconfig.php in ownCloud before 4.0.7 allows remote attackers to hijack the authentication of administrators for requests that edit the app configurations.

Remediation

References

CVE-2012-4391

Related Vulnerabilities

Twisted Web HTTP Server Improper Certificate Validation Vulnerability (CVE-2019-12855)

WordPress Plugin WP Visitor Statistics (Real Time Traffic) Unspecified Vulnerability (4.8)

WordPress Plugin DELUCKS SEO Cross-Site Scripting (2.1.7)

Jenkins Protection Mechanism Failure Vulnerability (CVE-2021-21690 )

Moodle Resource Management Errors Vulnerability (CVE-2015-2268)

Severity

Medium

Classification

CVE-2012-4391 CWE-352

Tags

Missing Update Known Vulnerabilities