2 matches found
Ponton X/P Messenger Cross-Site Request Forgery Vulnerability
PONTON X/P Messenger is a highly configurable ebXML, AS/1, AS/2, AS/3 and AS/4 compliant messaging software from PONTON Germany. For example, xpadmin...
CVE-2021-45886
An issue was discovered in PONTON X/P Messenger before 3.11.2. Anti-CSRF tokens are globally valid, making the web application vulnerable to a weakened version of CSRF, where an arbitrary token of a low-privileged user such as operator can be used to confirm actions of higher-privileged ones such...