Description

Cross-site request forgery (CSRF) vulnerability in the Admin web interface in OpenVPN Access Server before 1.8.5 allows remote attackers to hijack the authentication of administrators for requests that create administrative users.

Remediation

References

CVE-2013-2692

Related Vulnerabilities

WordPress Plugin Gallery-Flagallery Photo Portfolio Cross-Site Request Forgery (3.01)

WordPress 5.3.x Multiple Vulnerabilities (5.3 - 5.3.15)

WordPress Plugin gboutique Local File Inclusion (1.3)

WordPress 4.3.x Denial of Service Vulnerability (4.3 - 4.3.15)

WebLogic Use of a Broken or Risky Cryptographic Algorithm Vulnerability (CVE-2018-1000180)

Severity

Medium

Classification

CVE-2013-2692 CWE-352

Tags

Missing Update Known Vulnerabilities