CVE-2009-2005

Dokeos 1.8.5 - Cross-Site Request Forgery

Title source: llm
STIX 2.1

Description

Cross-site request forgery (CSRF) vulnerability in Dokeos 1.8.5, and possibly earlier, allows remote attackers to hijack the authentication of unspecified victims and add new personal agenda items via unknown vectors.

References (5)

Core 5
Core References
Various Sources x_refsource_misc
http://holisticinfosec.org/content/view/112/45/
Patch, Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2009/1300
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/34879
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/34928

Scores

EPSS 0.0066
EPSS Percentile 47.1%

Details

CWE
CWE-352
Status published
Products (1)
dokeos/dokeos 1.8.5
Published Jun 08, 2009
Tracked Since Feb 18, 2026