Описание
Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail before 1.1.5 allows remote attackers to hijack the authentication of users for requests that download attachments and cause a denial of service (disk consumption) via unspecified vectors.
Ссылки
- Third Party Advisory
- Mailing ListThird Party Advisory
- Issue TrackingPatch
- Issue TrackingPatch
- Issue TrackingMailing List
- Release Notes
- Release Notes
- Third Party Advisory
- Mailing ListThird Party Advisory
- Issue TrackingPatch
- Issue TrackingPatch
- Issue TrackingMailing List
- Release Notes
- Release Notes
Уязвимые конфигурации
EPSS
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
Связанные уязвимости
Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail before 1.1.5 allows remote attackers to hijack the authentication of users for requests that download attachments and cause a denial of service (disk consumption) via unspecified vectors.
Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail b ...
Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail before 1.1.5 allows remote attackers to hijack the authentication of users for requests that download attachments and cause a denial of service (disk consumption) via unspecified vectors.
EPSS
8.8 High
CVSS3
6.8 Medium
CVSS2