atmail before 7.8.0.2 has CSRF, allowing an attacker to upload and import users via CSV.
References
Link | Resource |
---|---|
https://help.atmail.com/hc/en-us/articles/115007169147-Minor-Update-7-8-0-2-ActiveSync-2-3-6 | Vendor Advisory |
Configurations
Information
Published : 2017-06-08 07:29
Updated : 2017-06-13 06:34
NVD link : CVE-2017-9517
Mitre link : CVE-2017-9517
JSON object : View
CWE
CWE-352
Cross-Site Request Forgery (CSRF)
Products Affected
atmail
- atmail