CVE-2008-5758 - Cross-Site Request Forgery (CSRF) vulnerability in PHParanoid

Summary

Cross-site request forgery (CSRF) vulnerability in PHParanoid before 0.5 allows remote attackers to perform unspecified actions as authenticated users via unknown vectors related to private messages.

Classification

CWE-352 - Cross-Site Request Forgery (CSRF)

Risk level (CVSS 6.8)

Medium

6.8

Access Vector

Network
Adjacent Network
Local

Access Complexity

Low
Medium
High

Authentication

None
Single
Multiple

Confident. Impact

Complete
Partial
None

Integrity Impact

Complete
Partial
None

Affected Products

Phparanoid Phparanoid 0.1
Phparanoid Phparanoid 0.2
Phparanoid Phparanoid 0.3
Phparanoid Phparanoid 0.4

External references

http://sourceforge.net/project/shownotes.php?release_id=575374
https://exchange.xforce.ibmcloud.com/vulnerabilities/47749