CVE-2012-3343

bloxx web_filtering < 5.0.13 - Cross-Site Request Forgery

Title source: llm
STIX 2.1

Description

Cross-site request forgery (CSRF) vulnerability in Microdasys before 3.5.1-B708, as used in Bloxx Web Filtering before 5.0.14 and other products, allows remote attackers to hijack the authentication of arbitrary users for requests that trigger error pages containing XSS sequences, a different vulnerability than CVE-2012-2564.

References (2)

Core 2
Core References
Third Party Advisory, US Government Resource x_refsource_confirm
http://www.kb.cert.org/vuls/id/MAPG-8R9LBY
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/722963

Scores

EPSS 0.0060
EPSS Percentile 44.6%

Details

CWE
CWE-352
Status published
Products (1)
bloxx/web_filtering < 5.0.13
Published Jun 09, 2012
Tracked Since Feb 18, 2026