08 Juil 2019
Vulnérabilité CVE-2019-12923 CVE Vulnerability
In MailEnable Enterprise Premium 10.23, the potential cross-site request forgery (CSRF) protection mechanism was not implemented correctly and it was possible to bypass it by removing the anti-CSRF token parameter from the request. This could allow an attacker to manipulate a user into unwittingly performing actions within the application (such as sending email, adding contacts, or changing settings) on behalf of the attacker. (CVSS:0.0) (Last Update:2019-07-08)
Vulnerability Details : In MailEnable Enterprise Premium 10.23, the potential cross-site request forgery (CSRF) protection mechanism was not implemented correctly and it was possible to bypass it by removing the anti-CSRF token parameter from the request. This could allow an attacker to manipulate a user into unwittingly performing actions within the application (such as sending email, adding contacts, or changing settings) on behalf of the attacker. Publish Date : 2019-07-08 Last Update Date : 2019-07-08 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2019-12923
- References For CVE-2019-12923
| |||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2019-12923There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |