Description

Cross-site request forgery (CSRF) vulnerability in Roundcube Webmail 0.2.2 and earlier allows remote attackers to hijack the authentication of unspecified users for requests that send arbitrary emails via unspecified vectors, a different vulnerability than CVE-2009-4076.

Remediation

References

CVE-2009-4077

Related Vulnerabilities

Oracle JRE CVE-2022-39399 Vulnerability (CVE-2022-39399)

WordPress Plugin AW WordPress Yearly Category Archives Unspecified Vulnerability (1.2.1)

WordPress Plugin Gmedia Photo Gallery Multiple Vulnerabilities (1.6.4)

WordPress Plugin User Profile Builder-Beautiful User Registration Forms, User Profiles & User Role Editor Information Disclosure (3.9.0)

WordPress Plugin Peter's Login Redirect Multiple Vulnerabilities (2.9.0)

Severity

Medium

Classification

CVE-2009-4077 CWE-352

Tags

Missing Update Known Vulnerabilities