Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail prior to 1.1.5 allows remote malicious users to hijack the authentication of users for requests that download attachments and cause a denial of service (disk consumption) via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
opensuse leap 42.1 |
||
roundcube webmail |