CVE-2011-3994 Information

Description

Cross-site request forgery (CSRF) vulnerability in SKYARC MTCMS before 5.252 and the MultiFileUploader 0.44 and earlier DuplicateEntry 1.2 and earlier MailPack 1.741 and earlier and AutoTagging 0.08 and earlier plugins for Movable Type allows remote attackers to hijack the authentication of arbitrary users for requests that modify data.

Reference

http://jvn.jp/en/jp/JVN56667137/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2011-000094 http://www.mtcms.jp/news/product/201110131921.html