cpe:/a:collabtive:collabtive:0.4.8 CVE-2008-6949 2009-08-12T06:30:00.750-04:00 2017-09-28T21:33:26.637-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-08-12T09:07:00.000-04:00 BUGTRAQ 20081110 Collabtive 0.4.8 Multiple Vulnerabilities EXPLOIT-DB 7076 Multiple cross-site request forgery (CSRF) vulnerabilities in Collabtive 0.4.8 allow remote attackers to hijack the authentication of administrators for requests that (1) submit or edit a new project, or (2) upload files to a project, or (3) attach files to messages via unknown vectors. NOTE: these issues can be leveraged with other vulnerabilities to create remote attack vectors that do not require authentication.