CVE-2010-0638

Cross-site request forgery (CSRF) vulnerability in WebCalendar 1.2.0 allows remote attackers to hijack the authentication of administrators for requests that change the administrative password via unknown vectors.  NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 32%
VendorProductVersion
k5nwebcalendar
1.2.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
webcalendar
saucy
dne
raring
dne
quantal
dne
precise
dne
oneiric
dne
natty
dne
maverick
dne
lucid
ignored
karmic
ignored
jaunty
ignored
intrepid
ignored
hardy
ignored
dapper
ignored
Common Weakness Enumeration
References
http://secunia.com/advisories/38222
http://secunia.com/advisories/38222