CVE-2009-4092

Cross-site request forgery (CSRF) vulnerability in user.php in Simplog 0.9.3.2, and possibly earlier, allows remote attackers to hijack the authentication of administrators and users for requests that change passwords.

Cross-site request forgery (CSRF) vulnerability in user.php in Simplog 0.9.3.2, and possibly earlier, allows remote attackers to hijack the authentication of administrators and users for requests that change passwords.

Vulnerabilidad de falsificación de petición en sitios cruzados (CSRF) Simplog v0.9.3.2, y probablemente anteriores versiones, permite a atacantes remotos secuestrar la autenticación de administradores y usuarios para peticiones que cambian los passwords.