{"id":"CVE-2011-2085","details":"Multiple cross-site request forgery (CSRF) vulnerabilities in Best Practical Solutions RT before 3.8.12 and 4.x before 4.0.6 allow remote attackers to hijack the authentication of arbitrary users.","modified":"2026-04-10T03:41:48.788925Z","published":"2012-06-04T19:55:01Z","references":[{"type":"ADVISORY","url":"http://lists.bestpractical.com/pipermail/rt-announce/2012-May/000204.html"},{"type":"ADVISORY","url":"http://secunia.com/advisories/49259"},{"type":"FIX","url":"http://lists.bestpractical.com/pipermail/rt-announce/2012-May/000202.html"},{"type":"FIX","url":"http://lists.bestpractical.com/pipermail/rt-announce/2012-May/000203.html"},{"type":"WEB","url":"http://www.securityfocus.com/bid/53660"},{"type":"WEB","url":"https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"}],"schema_version":"1.7.5"}