Description

Cross-site request forgery (CSRF) vulnerability in the Admin web interface in OpenVPN Access Server before 1.8.5 allows remote attackers to hijack the authentication of administrators for requests that create administrative users.

Remediation

References

CVE-2013-2692

Related Vulnerabilities

WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease Cross-Site Request Forgery (4.4.2)

Contao Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-19745)

Apache HTTP Server Other Vulnerability (CVE-2005-2728)

WordPress Plugin Multi Step Form Multiple Cross-Site Scripting Vulnerabilities (1.2.5)

WordPress Plugin WP RSS Aggregator-News Feeds, Autoblogging, Youtube Video Feeds and More Cross-Site Scripting (4.19.1)

Severity

Medium

Classification

CVE-2013-2692 CWE-352

Tags

Missing Update Known Vulnerabilities