2 matches found
CVE-2017-14092
The absence of Anti-CSRF tokens in Trend Micro ScanMail for Exchange 12.0 web interface forms could allow an attacker to submit authenticated requests when an authenticated user browses an attacker-controlled domain...
CVE-2017-14092
CVE-2017-14092 describes a Cross-Site Request Forgery vulnerability in Trend Micro ScanMail for Exchange (SMEX) 12.x web interface. Root cause: the web forms lack Anti-CSRF tokens, allowing an authenticated user who visits a malicious domain to submit authenticated requests to the SMEX web consol...