Cross-site request forgery (CSRF) vulnerability in _ah/admin/interactive/execute (aka the Interactive Console) in the SDK Console (aka Admin Console) in the Google App Engine Python SDK before 1.5.4 allows remote attackers to hijack the authentication of administrators for requests that execute arbitrary Python code via the code parameter.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2011-10-30T19:00:00

Updated: 2024-08-06T22:21:34.074Z

Reserved: 2011-03-10T00:00:00

Link: CVE-2011-1364

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2011-10-30T19:55:00.913

Modified: 2024-11-21T01:26:09.457

Link: CVE-2011-1364

cve-icon Redhat

No data.