Description
Cross-site request forgery (CSRF) vulnerability in MODx 0.9.6.1p2 and earlier allows remote attackers to perform unauthorized actions as other users via unknown vectors.
References (3)
Core 3
Core References
Third Party Advisory third-party-advisory
x_refsource_jvn
http://jvn.jp/en/jp/JVN66828183/index.html
Release Notes x_refsource_confirm
http://svn.modxcms.com/svn/tattoo/tattoo/releases/0.9.6.3/install/changelog.txt
Third Party Advisory third-party-advisory
x_refsource_jvndb
http://jvndb.jvn.jp/en/contents/2009/JVNDB-2009-000004.html
Scores
EPSS
0.0048
EPSS Percentile
38.0%
Details
CWE
CWE-352
Status
published
Products (6)
modxcms/modxcms
0.9.0
modxcms/modxcms
0.9.1
modxcms/modxcms
0.9.2.1
modxcms/modxcms
0.9.5
modxcms/modxcms
0.9.6
modxcms/modxcms
< 0.9.6.1
Published
Jan 22, 2009
Tracked Since
Feb 18, 2026