Cross-site request forgery (CSRF) vulnerability in index.tmpl in Vuze (formerly Azureus HTML WebUI), probably 0.7.6, allows remote attackers to hijack the authentication of users for requests that force the download of arbitrary torrent files via the upurl parameter.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2009-04-03T18:00:00

Updated: 2024-08-07T11:34:47.160Z

Reserved: 2009-04-03T00:00:00

Link: CVE-2008-6587

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2009-04-03T18:30:00.280

Modified: 2024-11-21T00:56:55.527

Link: CVE-2008-6587

cve-icon Redhat

No data.