CVE-2021-27181
CVE-2021-27181 affects MDaemon before 20.0.4. Remote Administration allows manipulation of the anti-CSRF token via a crafted URL, enabling an attacker to trick an authenticated user into performing actions with the user’s privileges. Exploitation requires user interaction (visiting a malicious pa...