CSRF Vulnerability in WebsiteBaker 2.8.1 and Earlier: Inadequate Confirmation for Sensitive Transactions

CSRF Vulnerability in WebsiteBaker 2.8.1 and Earlier: Inadequate Confirmation for Sensitive Transactions

CVE-2011-2934 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

A Cross Site Request Forgery (CSRF) vulnerability exists in the administrator functions in WebsiteBaker 2.8.1 and earlier due to inadequate confirmation for sensitive transactions.

Learn more about our Web App Pen Testing.