Lucene search

K
prionPRIOn knowledge basePRION:CVE-2011-1491
HistoryApr 08, 2011 - 3:17 p.m.

Cross site request forgery (csrf)

2011-04-0815:17:00
PRIOn knowledge base
www.prio-n.com
2

AI Score

6.1

Confidence

Low

EPSS

0.002

Percentile

64.6%

The login form in Roundcube Webmail before 0.5.1 does not properly handle a correctly authenticated but unintended login attempt, which makes it easier for remote authenticated users to obtain sensitive information by arranging for a victim to login to the attacker’s account and then compose an e-mail message, related to a β€œlogin CSRF” issue.

AI Score

6.1

Confidence

Low

EPSS

0.002

Percentile

64.6%