Description

Cross-site request forgery (CSRF) vulnerability in the Admin web interface in OpenVPN Access Server before 1.8.5 allows remote attackers to hijack the authentication of administrators for requests that create administrative users.

Remediation

References

CVE-2013-2692

Related Vulnerabilities

Apache HTTP Server Observable Timing Discrepancy Vulnerability (CVE-2026-33006)

Moodle Improper Input Validation Vulnerability (CVE-2012-6099)

MySQL CVE-2021-2046 Vulnerability (CVE-2021-2046)

Roundcube Unspesificed Vulnerability (CVE-2019-15237)

WordPress Plugin WHOIS 'domain' Parameter Cross-Site Scripting (1.4.2.2)

Severity

Medium

Classification

CVE-2013-2692 CWE-352

Tags

Missing Update Known Vulnerabilities