mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-09 15:15:46 +02:00
0xMarcio
904 B
904 B
CVE-2012-4059
Description
Cross-site request forgery (CSRF) vulnerability in home/secretqtn.php in SocketMail Pro 2.2.9 allows remote attackers to hijack the authentication of arbitrary users for requests that change user security questions and answers via an upd action.
POC
Reference
- http://packetstormsecurity.org/files/112090/SocketMail-Pro-2.2.9-Cross-Site-Request-Forgery-Cross-Site-Scripting.html
- http://packetstormsecurity.org/files/112090/SocketMail-Pro-2.2.9-Cross-Site-Request-Forgery-Cross-Site-Scripting.html
Github
No PoCs found on GitHub currently.