Cross-site request forgery (CSRF) vulnerability in adduser.do in Symantec LiveUpdate Administrator (LUA) before 2.3 allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts, and possibly have unspecified other impact, via the userRole parameter.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2011-03-28T16:00:00

Updated: 2024-08-06T21:58:26.012Z

Reserved: 2011-01-20T00:00:00

Link: CVE-2011-0545

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2011-03-28T16:55:04.357

Modified: 2024-11-21T01:24:15.630

Link: CVE-2011-0545

cve-icon Redhat

No data.