CVE-2004-1995
6.5
CVSS Score
Medium
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Link copied!
Description
Cross-Site Request Forgery (CSRF) vulnerability in FuseTalk 2.0 allows remote attackers to create arbitrary accounts via a link to adduser.cfm.
CVSS Vector Details
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None
Affected Software Configurations
- a fusetalk fusetalk 2.0 - * * * * * *
Weaknesses (CWE)
- CWE-352
References & External Links
- http://marc.info/?l=bugtraq&m=108377423825478&w=2
- http://secunia.com/advisories/11555
- http://securitytracker.com/id?1010080
- http://www.osvdb.org/5895
- http://www.securityfocus.com/bid/10276
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16080
- http://marc.info/?l=bugtraq&m=108377423825478&w=2
- http://secunia.com/advisories/11555
- http://securitytracker.com/id?1010080
- http://www.osvdb.org/5895
- http://www.securityfocus.com/bid/10276
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16080
External Resources
CVE History Timeline
May 26, 2005 14:20
Initial Analysis
Oct 18, 2016 03:04
CVE Modified
Jul 11, 2017 01:31
CVE Modified
Feb 08, 2024 20:46
Modified Analysis
May 14, 2024 01:27
CVE Modified
Nov 20, 2024 23:52
CVE Modified