Описание
An issue was discovered in Roundcube Webmail before 1.4.4. A CSRF attack can cause an authenticated user to be logged out because POST was not considered.
Ссылки
- PatchThird Party Advisory
- PatchThird Party Advisory
- ExploitIssue TrackingPatchThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- PatchThird Party Advisory
- PatchThird Party Advisory
- ExploitIssue TrackingPatchThird Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Одно из
EPSS
6.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
Связанные уязвимости
An issue was discovered in Roundcube Webmail before 1.4.4. A CSRF attack can cause an authenticated user to be logged out because POST was not considered.
An issue was discovered in Roundcube Webmail before 1.4.4. A CSRF atta ...
An issue was discovered in Roundcube Webmail before 1.4.4. A CSRF attack can cause an authenticated user to be logged out because POST was not considered.
Уязвимость решения для IMAP-серверов на основе AJAX Roundcube, связанная с недостатками механизмов противодействия межсайтовой фальсификации, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
6.5 Medium
CVSS3
4.3 Medium
CVSS2