CVE-2011-4452 Information

Description

Cross-site request forgery (CSRF) vulnerability in the AdminUsers component in WikkaWiki 1.3.1 and 1.3.2 allows remote attackers to hijack the authentication of administrators for requests that remove arbitrary user accounts via a delete operation as demonstrated by an image action.

Reference

http://wush.net/trac/wikka/changeset/1819 http://wush.net/trac/wikka/changeset/1832 http://wush.net/trac/wikka/ticket/1097 http://wush.net/trac/wikka/ticket/1098