CVE-2012-4059

Publication date

2012-07-25 21:00:00

Family

mitre

State

PUBLISHED

Description

Cross-site request forgery (CSRF) vulnerability in home/secretqtn.php in SocketMail Pro 2.2.9 allows remote attackers to hijack the authentication of arbitrary users for requests that change user security questions and answers via an upd action.