CVE-2016-4069

Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail before 1.1.5 allows remote attackers to hijack the authentication of users for requests that download attachments and cause a denial of service (disk consumption) via unspecified vectors.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:roundcube:webmail:*:*:*:*:*:*:*:*

Information

Published : 2016-08-25 11:59

Updated : 2018-10-30 09:27


NVD link : CVE-2016-4069

Mitre link : CVE-2016-4069


JSON object : View

CWE
CWE-352

Cross-Site Request Forgery (CSRF)

Advertisement

dedicated server usa

Products Affected

roundcube

  • webmail

opensuse

  • leap