Cross site request forgery (csrf)

2013-04-2510:55:00

PRIOn knowledge base

www.prio-n.com

7.5 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

47.1%

JSON

Cross-site request forgery (CSRF) vulnerability in Cybozu Office before 8.1.6 and 9.x before 9.3.0, Cybozu Dezie before 8.0.7, and Cybozu Mailwise before 5.0.4 allows remote attackers to hijack the authentication of arbitrary users for requests that change passwords.

CPENameOperatorVersion
cybozu_dezieeq8.0.0
cybozu_dezieeq8.0.1
cybozu_dezieeq8.0.5
cybozu_deziele8.0.6
cybozu_dezieeq8.0.4
cybozu_dezieeq8.0.3
cybozu_dezieeq8.0.2
cybozu_officeeq9
cybozu_officeeq6
cybozu_officele8

Name	Operator	Version
cybozu_dezie	eq	8.0.0
cybozu_dezie	eq	8.0.1
cybozu_dezie	eq	8.0.5
cybozu_dezie	le	8.0.6
cybozu_dezie	eq	8.0.4
cybozu_dezie	eq	8.0.3
cybozu_dezie	eq	8.0.2
cybozu_office	eq	9
cybozu_office	eq	6
cybozu_office	le	8