← back
CVE-2013-2305

CVE-2013-2305

EPSS 0.6%
Cross-site request forgery (CSRF) vulnerability in Cybozu Office before 8.1.6 and 9.x before 9.3.0, Cybozu Dezie before 8.0.7, and Cybozu Mailwise before 5.0.4 allows remote attackers to hijack the authentication of arbitrary users for requests that change passwords.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://cs.cybozu.co.jp/information/20130415up10.phphttp://jvndb.jvn.jp/jvndb/JVNDB-2013-000034http://jvn.jp/en/jp/JVN06251813/374951/index.htmlhttp://jvn.jp/en/jp/JVN06251813/index.html