CVE-2014-6409

2014-10-06T23:55:00
ID CVE-2014-6409
Type cve
Reporter cve@mitre.org
Modified 2017-09-08T01:29:00

Description

Cross-site request forgery (CSRF) vulnerability in M/Monit 3.3.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that change user passwords via the fullname and password parameters to /admin/users/update.