Security Advisory

CVE-2012-4059

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2012-07-25 21:00:00
Last updated 2024-08-06 20:28:06
Assigner mitre
State PUBLISHED

Description

Cross-site request forgery (CSRF) vulnerability in home/secretqtn.php in SocketMail Pro 2.2.9 allows remote attackers to hijack the authentication of arbitrary users for requests that change user security questions and answers via an upd action.