vendor:
Open-Realty
by:
5.5
CVSS
MEDIUM
Cross-Site Request Forgery
352
CWE
Product Name: Open-Realty
Affected Version From: 2.5.2008
Affected Version To: 2.5.2008
Patch Exists: YES
Related CWE: CVE-2012-6034
CPE: a:transparent_technologies:open-realty:2.5.8
Platforms Tested:
2012
Open-Realty Cross-Site Request Forgery Vulnerability
The Open-Realty application is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain unauthorized administrative actions and gain access to the affected application. Other attacks are also possible.
Mitigation:
To mitigate this vulnerability, users are advised to update to the latest version of Open-Realty.