Multiple cross-site request forgery (CSRF) vulnerabilities in CGI programs in Seeds acmailer before 3.8.17 and 3.9.x before 3.9.10 Beta allow remote attackers to hijack the authentication of arbitrary users for requests that modify or delete data, as demonstrated by modifying data affecting authorization.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: jpcert

Published: 2014-07-29T20:00:00

Updated: 2024-08-06T10:57:17.934Z

Reserved: 2014-05-27T00:00:00

Link: CVE-2014-3896

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2014-07-29T20:55:08.647

Modified: 2024-11-21T02:09:04.857

Link: CVE-2014-3896

cve-icon Redhat

No data.