cvelist/2012/3xxx/CVE-2012-3362.json

{
    "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2012-3362",
        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "n/a",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "n/a"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "n/a"
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "Cross-site request forgery (CSRF) vulnerability in eXtplorer 2.1 RC3 and earlier allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via an adduser admin action."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "n/a"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "name": "http://www.autosectools.com/Advisories/eXtplorer.2.1.RC3_Cross-site.Request.Forgery_174.html",
                "refsource": "MISC",
                "url": "http://www.autosectools.com/Advisories/eXtplorer.2.1.RC3_Cross-site.Request.Forgery_174.html"
            },
            {
                "name": "DSA-2510",
                "refsource": "DEBIAN",
                "url": "http://www.debian.org/security/2012/dsa-2510"
            },
            {
                "name": "[oss-security] 20120624 Re: CVE request: CSRF in eXtplorer",
                "refsource": "MLIST",
                "url": "http://www.openwall.com/lists/oss-security/2012/06/25/1"
            },
            {
                "name": "[oss-security] 20120624 CVE request: CSRF in eXtplorer",
                "refsource": "MLIST",
                "url": "http://www.openwall.com/lists/oss-security/2012/06/24/1"
            },
            {
                "name": "[oss-security] 20120626 Re: CVE request: CSRF in eXtplorer",
                "refsource": "MLIST",
                "url": "http://www.openwall.com/lists/oss-security/2012/06/26/1"
            },
            {
                "name": "[oss-security] 20120627 Re: CVE request: CSRF in eXtplorer",
                "refsource": "MLIST",
                "url": "http://www.openwall.com/lists/oss-security/2012/06/27/1"
            }
        ]
    }
}