The vulnerability of Kaspersky Secure Mail Gateway’s email protection mechanism, which stems from the absence of a CSRF token in web forms, allows for the hijacking of the administrator’s session.

The vulnerability of Kaspersky Secure Mail Gateway’s email protection mechanism lies in the absence of a CSRF token in web forms. Exploiting this vulnerability allows an attacker to forge inter-site requests and intercept the administrator’s session...

CVE-2018-6289

Configuration file injection leading to Code Execution as Root in Kaspersky Secure Mail Gateway version 1.1...