CVE-2008-6587 Information

Description

Cross-site request forgery (CSRF) vulnerability in index.tmpl in Vuze (formerly Azureus HTML WebUI) probably 0.7.6 allows remote attackers to hijack the authentication of users for requests that force the download of arbitrary torrent files via the upurl parameter.

Reference

http://www.securityfocus.com/archive/1/491066/100/0/threaded http://www.securityfocus.com/bid/28848 https://exchange.xforce.ibmcloud.com/vulnerabilities/41926 Cross-site request forgery (CSRF) vulnerability in index.tmpl in Vuze (formerly Azureus HTML WebUI) probably 0.7.6 allows remote attackers to hijack the authentication of users for requests that force the download of arbitrary torrent files via the upurl parameter.