Bugtraq mailing list archives
MkPortal Urlobox Cross Site Request Forgery
From: info () burnhead it
Date: 19 Dec 2006 22:27:27 -0000
MkPortal Urlobox Cross Site Request Forgery Discovered by: Demential Web: http://www.burnhead.it E-mail: info () burnhead it Mkportal website: http://www.mkportal.it posting [img]?ind=urlobox&op=delete&idurlo=X[/img] in MkPortal urlobox where X is an ID of a message, when administrator opens urlobox page message X will be erased.
Current thread:
- MkPortal Urlobox Cross Site Request Forgery info (Dec 19)
- <Possible follow-ups>
- Re: MkPortal Urlobox Cross Site Request Forgery securityfocus (Dec 21)
- Re: MkPortal Urlobox Cross Site Request Forgery securityfocus (Dec 21)