CVE-2011-2191
Publication date 7 October 2011
Last updated 24 July 2024
Ubuntu priority
Cross-site request forgery (CSRF) vulnerability in Cherokee-admin in Cherokee before 1.2.99 allows remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences, as demonstrated by a crafted nickname field to vserver/apply.
Status
Package | Ubuntu Release | Status |
---|---|---|
cherokee | ||
16.04 LTS xenial | Not in release | |
14.04 LTS trusty | Not in release | |