Unrated severityNVD Advisory· Published Jun 15, 2010· Updated Jun 16, 2026
CVE-2010-2294
CVE-2010-2294
Description
Cross-site request forgery (CSRF) vulnerability in Plume CMS 1.2.4 and possibly earlier allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via unspecified vectors.
Affected products
2Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.