CVE-2009-1733 Information

Description

Cross-site request forgery (CSRF) vulnerability in IPplan 4.91a allows remote attackers to hijack the authentication of administrators for requests that (1) change the password (2) add users or (3) delete users via unknown vectors.

Reference

http://holisticinfosec.org/content/view/113/45/ http://osvdb.org/54601 http://secunia.com/advisories/34985 https://exchange.xforce.ibmcloud.com/vulnerabilities/50632