← Back

CVE-2011-1341

nvd nist
Published: Aug 19, 2011Modified: Apr 29, 2026

JSON object

Loading...
6.8
Vector
AV:N/AC:M/Au:N/C:P/I:P/A:P
Exploitability: 8.6 / Impact: 6.4
Source: NVD

Description

Cross-site request forgery (CSRF) vulnerability in Aimluck Aipo before 4.0.4.0, and Aipo for ASP before 4.0.4.0, allows remote attackers to hijack the authentication of administrators for requests that modify data.

Affected (4)

Products: Aimluck: Aipo, Aipo Asp
Aimluck
2 products
Aipo
Aipo Asp
Configuration A
4 vulnerable
Vulnerable SoftwareAffected Versions
Aimluck
Aipo
Up to 4.0.3.0
Aipo
Version 4.0.1.0
Aipo
Version 4.0.2.0
Aipo Asp
Up to 3.0.1.0

Related CWEs

CWE-352
Cross-Site Request Forgery (CSRF)
The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

References (6)

Source: vultures@jpcert.or.jp
Patch
Source: vultures@jpcert.or.jp
Source: vultures@jpcert.or.jp
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch

Timeline

No history available yet.