2 matches found
CVE-2013-6028
CVE-2013-6028 applies to Atmail Webmail Server (before 7.2). The connected sources confirm a CSRF vulnerability that lets an attacker hijack administrator authentication to perform actions such as adding, modifying, or deleting user accounts, or stopping the service. The vulnerability stems from ...
Atmail Webmail Server version 7.1.3 contains cross-site scripting (XSS) and cross-site request forgery (CSRF) vulnerabilities
Overview Atmail Webmail Server version 7.1.3 and possibly earlier versions contain stored cross-site scripting XSS CWE-79 and cross-site request forgery CSRF CWE-352 vulnerabilities. Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' -...