Multiple cross-site request forgery (CSRF) vulnerabilities in Nuke ET 3.2 and 3.4 allow remote attackers to perform actions as administrators, as demonstrated by inserting an XSS sequence into a document.
Software | From | Fixed in |
---|---|---|
truzone / nuke_et | 3.2 | 3.2.x |
truzone / nuke_et | 3.4 | 3.4.x |