CSRF Vulnerability in X7 Chat 2.0.5.1 and Earlier: Unauthorized User Addition

CSRF Vulnerability in X7 Chat 2.0.5.1 and Earlier: Unauthorized User Addition

CVE-2012-6047 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Cross-site request forgery (CSRF) vulnerability in X7 Chat 2.0.5.1 and earlier allows remote attackers to hijack the authentication of administrators for requests that add a user to an arbitrary group via the users page in an adminpanel action to index.php.

Learn more about our User Device Pen Test.