Lucene search
Veracode Vulnerability DatabaseVERACODE:4489HistoryJun 28, 2017 - 2:52 a.m.
Multiple Cross-site Request Forgery(CSRF) Vulnerabilities
2017-06-2802:52:37
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
0.002 Low
EPSS
Percentile
62.1%
opensolutions/vimbadmin is susceptible to multiple cross-site request forgery (CSRF) vulnerabilities. The vulnerabilities are possible because of flaws in the addAction() method in the DomainController, MailboxController, ArchiveController and AliasController files and the purgeAction() method in the DomainController and MailboxController files. An attacker can delete an administrator, update an administrator’s password, delete a mailbox address, force the archival of a mail box address, remove the mailbox and alias addresses.
| CPE | Name | Operator | Version |
|---|---|---|---|
| opensolutions/vimbadmin | le | 3.0.15 |
Related
packetstorm
packetstorm
ViMbAdmin 3.0.15 Cross Site Request Forgery
2017-05-05 00:00:00
exploitpack
exploitpack
ViMbAdmin 3.0.15 - Multiple Cross-Site Request Forgery Vulnerabilities
2017-05-05 00:00:00
osv
osv
ViMbAdmin CSRF Vulnerabilities
2022-05-17 02:12:38
CVE-2017-6086
2017-06-27 20:29:01
cvelist
cvelist
CVE-2017-6086
2017-06-27 20:00:00
nvd
nvd
CVE-2017-6086
2017-06-27 20:29:01
cve
cve
CVE-2017-6086
2017-06-27 20:29:01
github
github
ViMbAdmin CSRF Vulnerabilities
2022-05-17 02:12:38
zdt
zdt
ViMbAdmin 3.0.15 - Multiple Cross-Site Request Forgery Vulnerability
2017-05-05 00:00:00
prion
prion
Cross site request forgery (csrf)
2017-06-27 20:29:00
exploitdb
exploitdb
ViMbAdmin 3.0.15 - Multiple Cross-Site Request Forgery Vulnerabilities
2017-05-05 00:00:00
openvas
openvas
ViMbAdmin Multiple Vulnerabilities
2017-06-14 00:00:00