ID de Prueba:	1.3.6.1.4.1.25623.1.0.800400
Categoría:	Web application abuses
Título:	TWiki CSRF Vulnerability
Resumen:	TWiki is prone to a cross-site request forgery (CSRF) vulnerability.
Descripción:	Summary: TWiki is prone to a cross-site request forgery (CSRF) vulnerability. Vulnerability Insight: Remote authenticated user can create a specially crafted image tag that, when viewed by the target user, will update pages on the target system with the privileges of the target user via HTTP requests. Vulnerability Impact: Successful exploitation will allow attacker to gain administrative privileges on the target application and can cause CSRF attack. Affected Software/OS: TWiki version prior to 4.3.1 Solution: Upgrade to version 4.3.1 or later. CVSS Score: 6.0 CVSS Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1339 http://www.nabble.com/Bug-526258:-CVE-2009-1339:-CSRF-Vulnerability-with-Image-Tag-td23311575.html http://sourceforge.net/mailarchive/forum.php?thread_name=7E0723DC-CBFF-4DBD-B26C-8686287FF689%40twiki.net&forum_name=twiki-announce http://securitytracker.com/id?1022146 http://secunia.com/advisories/34880 http://www.vupen.com/english/advisories/2009/1217 XForce ISS Database: twiki-unspecified-csrf(50254) https://exchange.xforce.ibmcloud.com/vulnerabilities/50254
Copyright	Copyright (C) 2009 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.