2 matches found
CVE-2020-9346
Zoho ManageEngine Password Manager Pro 10.4 and prior has no protection against Cross-site Request Forgery CSRF attacks, as demonstrated by changing a user's role...
CVE-2020-9346
CVE-2020-9346 concerns Zoho ManageEngine Password Manager Pro (versions 10.4 and earlier). The issue is a lack of protection against Cross-site Request Forgery (CSRF) that can be demonstrated by changing a user’s role, implying an access/privilege modification via forged requests. Exploitation st...