Security Advisory

CVE-2012-1414

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2012-10-07 21:00:00

Last updated 2024-08-06 18:53:37

Assigner mitre

State PUBLISHED

Description

Cross-site request forgery (CSRF) vulnerability in manager/news.php in Plume CMS 1.2.4 and earlier allows remote attackers to hijack the authentication of administrators for requests that create News pages via a publish action.

← Browse all CVEs View on cve.org ↗