Vulnerabilities > KAN Studio > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-01-03 | CVE-2010-5319 | Cross-Site Request Forgery (CSRF) vulnerability in Kan-Studio Kandidat CMS 1.4.2 Multiple cross-site request forgery (CSRF) vulnerabilities in Kandidat CMS 1.4.2 allow remote attackers to hijack the authentication of administrators for requests that (1) modify settings via a validate action to admin/settings.php, (2) modify pages via the what parameter to admin/edit.php, or (3) modify articles via the edit parameter to admin/news.php. | 6.8 |