Family Connections Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2012-0699 - Vulnerability Database

Family Connections Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2012-0699

High
Reference: CVE-2012-0699
Title: Family Connections Cross-Site Request Forgery (CSRF) Vulnerability
Overview:

Multiple cross-site request forgery (CSRF) vulnerabilities in Family Connections CMS (aka FCMS) 2.9 and earlier allow remote attackers to hijack the authentication of arbitrary users for requests that (1) add news via an add action to familynews.php or (2) add a prayer via an add action to prayers.php.