CVE-2010-0638
NONE
Published Feb 15, 201016y ago · Modified Jun 16, 20262w ago
Published Feb 15, 2010 16y ago
Last Modified Jun 16, 2026 2w ago
Description
Cross-site request forgery (CSRF) vulnerability in WebCalendar 1.2.0 allows remote attackers to hijack the authentication of administrators for requests that change the administrative password via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
Threat Intelligence
No active exploitation signals — not in CISA KEV and no EPSS score yet.
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-352 Cross-Site Request Forgery (CSRF) Authentication
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| k5n | webcalendar | 1.2.0 | any |
References 1
- secunia.com http://secunia.com/advisories/38222
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.