CVE-2010-3030
Published Aug 17, 2010
Last updated 14 years ago
Overview
- Description
- Cross-site request forgery (CSRF) vulnerability in Tomaz Muraus Open Blog 1.2.1, and possibly earlier, allows remote attackers to hijack the authentication of administrators for requests that change the administrative password. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.8
- Impact score
- 6.4
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-352
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:tomaz-muraus:open_blog:1.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E4464F4A-E8E6-4F69-BFF7-9A604EEFD03C"
}
],
"operator": "OR"
}
]
}
]