CVE-2008-5941

EUVD-2008-5911
Cross-site request forgery (CSRF) vulnerability in MODx 0.9.6.1p2 and earlier allows remote attackers to perform unauthorized actions as other users via unknown vectors.
CSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:S/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 38%
Affected Products (NVD)
VendorProductVersion
modxcmsmodxcms
𝑥
≤ 0.9.6.1
modxcmsmodxcms
0.9.0
modxcmsmodxcms
0.9.1
modxcmsmodxcms
0.9.2.1
modxcmsmodxcms
0.9.5
modxcmsmodxcms
0.9.6
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://jvn.jp/en/jp/JVN66828183/index.html
http://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000004.html
http://svn.modxcms.com/svn/tattoo/tattoo/releases/0.9.6.3/install/changelog.txt
http://jvn.jp/en/jp/JVN66828183/index.html
http://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000004.html
http://svn.modxcms.com/svn/tattoo/tattoo/releases/0.9.6.3/install/changelog.txt