|Date: (C)2012-03-19 (M)2015-12-16|| |
Multiple cross-site request forgery (CSRF) vulnerabilities in Janetter before 18.104.22.168 (aka 3.3.0) allow remote attackers to hijack the authentication of arbitrary users for requests that (1) tweet, (2) upload an image file, or (3) execute arbitrary commands.
|CVSS Score: 6.8||Access Vector: NETWORK|
|Exploit Score: 8.6||Access Complexity: MEDIUM|
|Impact Score: 6.4||Authentication: NONE|
| ||Confidentiality: PARTIAL|
| ||Integrity: PARTIAL|
| ||Availability: PARTIAL|