Multiple cross-site request forgery (CSRF) vulnerabilities in phpList 2.10.13 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) create a list or (2) insert cross-site scripting (XSS) sequences. NOTE: this issue exists because of an incomplete fix for CVE-2011-0748. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2011-04-13T14:00:00

Updated: 2024-08-06T22:37:24.554Z

Reserved: 2011-04-12T00:00:00

Link: CVE-2011-1682

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2011-04-13T14:55:01.450

Modified: 2024-11-21T01:26:47.647

Link: CVE-2011-1682

cve-icon Redhat

No data.