Vulnerabilities > CVE-2007-0912 - Cross-Site Request Forgery vulnerability in Jportal web Server 2.3.1

047910
CVSS 9.3 - CRITICAL
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
jportal
critical

Summary

Cross-Site Request Forgery (CSRF) vulnerability in admin/admin.adm.php in Jportal 2.3.1, and possibly earlier, allows remote attackers to perform privileged actions as administrators by tricking the admin into accessing a URL with modified arguments to admin/admin.adm.php.

Vulnerable Configurations

Part Description Count
Application
Jportal
1