Unrated severityNVD Advisory· Published Feb 23, 2009· Updated Jun 16, 2026
CVE-2009-0708
CVE-2009-0708
Description
Multiple cross-site request forgery (CSRF) vulnerabilities in SemanticScuttle before 0.91 allow remote attackers to (1) hijack the authentication of administrators via unknown vectors or (2) hijack the authentication of arbitrary users via vectors involving the profile page.
Affected products
7cpe:2.3:a:semanticscuttle:semanticscuttle:*:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:semanticscuttle:semanticscuttle:*:*:*:*:*:*:*:*range: <=0.90
- cpe:2.3:a:semanticscuttle:semanticscuttle:0.85:*:*:*:*:*:*:*
- cpe:2.3:a:semanticscuttle:semanticscuttle:0.86:*:*:*:*:*:*:*
- cpe:2.3:a:semanticscuttle:semanticscuttle:0.87:*:*:*:*:*:*:*
- cpe:2.3:a:semanticscuttle:semanticscuttle:0.88:*:*:*:*:*:*:*
- cpe:2.3:a:semanticscuttle:semanticscuttle:0.89:*:*:*:*:*:*:*
- (no CPE)range: <0.91
Patches
Vulnerability mechanics
References
2- sourceforge.net/project/shownotes.phpnvdPatch
- secunia.com/advisories/33383nvdVendor Advisory
News mentions
0No linked articles in our index yet.