CVE-2014-9104
CVE-2014-9104 covers CSRF vulnerabilities in the XML-RPC API of the OpenVPN Access Server Desktop Client (versions up to 1.5.6). The issues allow an attacker to hijack administrator authentication and perform actions via crafted API requests, including disconnecting VPN sessions, connecting to ar...