oss-sec mailing list archives
CVE request CSRF in sogo
From: Stefan Castille <stefan.castille () bonnierdigital se>
Date: Tue, 7 Jul 2015 14:18:27 +0200
Hej, I would like to request a CVE for a CSRF vulnerability in sogo, the open groupware platform. site: www.sogo.nu Previously requested: no Type: CSRF Affected versions: up till 2.3.0 (current) Description: The application does not protect against CSRF attacks for most of its functions. Only change password seems to have some protection. But functions such as sending email, setting up mail forward and everything else is not protected. http://www.sogo.nu/bugs/view.php?id=3246 Stefan Castille
Current thread:
- CVE request CSRF in sogo Stefan Castille (Jul 07)
- Re: CVE request CSRF in sogo cve-assign (Jul 10)