Posted by Curesec Research Team (CRT) on Sep 02

NibbleBlog 4.0.3: CSRF
Security Advisory – Curesec Research Team

1. Introduction

Affected Product: NibbleBlog 4.0.3
Fixed in: not fixed
Fixed Version Link: n/a
Vendor Contact: Website: http://www.nibbleblog.com/
Vulnerability Type: CSRF
Remote Exploitable: Yes
Reported to vendor: 07/21/2015
Disclosed to public: 09/01/2015
Release mode: Full…