Description

Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail 0.2.2 and earlier allows remote attackers to hijack the authentication of unspecified users for requests that modify user information via unspecified vectors, a different vulnerability than CVE-2009-4077.

Remediation

References

CVE-2009-4076

Related Vulnerabilities

WordPress Plugin Convert Docx2post Arbitrary File Upload (1.4)

WordPress Plugin Advanced Contact form 7 DB SQL Injection (1.6.1)

WordPress Plugin DiveBook Multiple Vulnerabilities (1.1.4)

Dolibarr Improper Authentication Vulnerability (CVE-2021-25956)

Joomla! Core Cross-Site Scripting (1.5.0 - 3.7.3)

Severity

Medium

Classification

CVE-2009-4076 CWE-352

Tags

Missing Update Known Vulnerabilities