3 matches found
CVE-2015-4460
Cross-site request forgery CSRF vulnerability in SecuritySetting/UserSecurity/UserManagement.aspx in B.A.S C2Box before 4.0.0 r19171 allows remote attackers to hijack the authentication of administrators for requests that add administrator accounts via certain vectors...
CVE-2015-4460
Cross-site request forgery CSRF vulnerability in SecuritySetting/UserSecurity/UserManagement.aspx in B.A.S C2Box before 4.0.0 r19171 allows remote attackers to hijack the authentication of administrators for requests that add administrator accounts via certain vectors...
CVE-2015-4460
CVE-2015-4460 describes a Cross‑Site Request Forgery (CSRF) in B.A.S C2Box prior to 4.0.0 (r19171) that lets an unauthenticated attacker hijack an administrator’s session to add an admin account via SecuritySetting/UserSecurity/UserManagement.aspx, potentially compromising the domain. Connected s...