CVE-2008-3760

N/A Unknown

Published: August 21, 2008 Modified: April 23, 2026

Description

Cross-site request forgery (CSRF) vulnerability in the sign-out page in Vanilla 1.1.4 and earlier allows remote attackers to hijack the authentication of arbitrary users for requests that trigger a logout via a SignOutNow action to people.php.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://lussumo.com/bugs/discussion/88/csrf-attack-hole/

Source: cve@mitre.org

Exploit

http://lussumo.com/community/discussion/8463/possible-security-flaw/#Comment_88511

Source: cve@mitre.org

Exploit

http://lussumo.com/community/discussion/8559/vanilla-115-release-candidate-1/

Source: cve@mitre.org

http://lussumo.com/docs/doku.php?id=vanilla:releasenotes

Source: cve@mitre.org

http://secunia.com/advisories/31527

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/44558

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/44748

Source: cve@mitre.org

http://lussumo.com/bugs/discussion/88/csrf-attack-hole/