CSRF vulnerability in WikkaWiki AdminUsers Component Allows Arbitrary User Account Deletion

CSRF vulnerability in WikkaWiki AdminUsers Component Allows Arbitrary User Account Deletion

CVE-2011-4452 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Cross-site request forgery (CSRF) vulnerability in the AdminUsers component in WikkaWiki 1.3.1 and 1.3.2 allows remote attackers to hijack the authentication of administrators for requests that remove arbitrary user accounts via a delete operation, as demonstrated by an {{image}} action.

Learn more about our User Device Pen Test.