cbcvebase.
CVE-2011-2191
published 2011-10-07

CVE-2011-2191: Cross-site request forgery (CSRF) vulnerability in Cherokee-admin in Cherokee before 1.2.99 allows remote attackers to hijack the authentication of…

PriorityP424medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EPSS
1.40%
69.0th percentile
Cross-site request forgery (CSRF) vulnerability in Cherokee-admin in Cherokee before 1.2.99 allows remote attackers to hijack the authentication of administrators for requests that insert cross-site scripting (XSS) sequences, as demonstrated by a crafted nickname field to vserver/apply.

Affected

137 ranges· showing 25
VendorProductVersion rangeFixed in
cherokee-projectcherokee<= 1.2.98
cherokee-projectcherokee
cherokee-projectcherokee
cherokee-projectcherokee
cherokee-projectcherokee
cherokee-projectcherokee
cherokee-projectcherokee
cherokee-projectcherokee
cherokee-projectcherokee
cherokee-projectcherokee
cherokee-projectcherokee
cherokee-projectcherokee
cherokee-projectcherokee
cherokee-projectcherokee
cherokee-projectcherokee
cherokee-projectcherokee
cherokee-projectcherokee
cherokee-projectcherokee
cherokee-projectcherokee
cherokee-projectcherokee
cherokee-projectcherokee
cherokee-projectcherokee
cherokee-projectcherokee
cherokee-projectcherokee
cherokee-projectcherokee
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.