4 matches found
CVE-2013-6826
cgi-bin/module//sysmanager/admin/SYSAdminUserDialog in Fortinet FortiAnalyzer before 5.0.5 does not properly validate the csrftoken parameter, which allows remote attackers to perform cross-site request forgery CSRF attacks...
CVE-2013-6826
cgi-bin/module//sysmanager/admin/SYSAdminUserDialog in Fortinet FortiAnalyzer before 5.0.5 does not properly validate the csrftoken parameter, which allows remote attackers to perform cross-site request forgery CSRF attacks...
CVE-2013-6826
Fortinet FortiAnalyzer (pre-5.0.5) is affected by CVE-2013-6826 due to improper validation of the csrf_token parameter, enabling cross-site request forgery via multiple web UI scripts. The underlying issue is lack of CSRF protection in SYSAdminUserDialog paths, leading to potential session hijack...
CVE-2013-6826
creationtimestamp| type| source ---|---|--- 2013-10-12 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/38824...