| Max CVSS | 6.8 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2011-0535 | 6.8 |
Cross-site request forgery (CSRF) vulnerability in the Users module in Zikula before 1.2.5 allows remote attackers to hijack the authentication of administrators for requests that change account privileges via an edit access_permissions action to ind
|
22-09-2011 - 03:28 | 08-02-2011 - 22:00 | |
| CVE-2011-0911 | 4.3 |
Cross-site scripting (XSS) vulnerability in the Users module in Zikula before 1.2.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: it is possible that this overlaps CVE-2011-0535.
|
14-02-2011 - 05:00 | 08-02-2011 - 22:00 |