CSRF Vulnerabilities in SiT! 3.65 Allow Remote User Hijacking

CSRF Vulnerabilities in SiT! 3.65 Allow Remote User Hijacking

CVE-2011-5068 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Multiple cross-site request forgery (CSRF) vulnerabilities in Support Incident Tracker (aka SiT!) 3.65 allow remote attackers to hijack the authentication of user for requests that delete a user via user_delete.php and other unspecified programs.

Learn more about our User Device Pen Test.