Zenoss Multiple Cross Site Request Forgery Vulnerabilities

Zenoss is prone to multiple cross-site request-forgery vulnerabilities.

Exploiting these issues may allow a remote attacker to perform certain administrative actions, execute arbitrary commands, gain unauthorized access to the affected application, or delete certain data. Other attacks are also possible.

Zenoss 2.3.3 is vulnerable; prior versions are also vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus