Description
Multiple cross-site request forgery (CSRF) vulnerabilities in Roundcube Webmail before 1.0.4 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors, related to (1) address book operations or the (2) ACL or (3) Managesieve plugins.
Remediation
References
Related Vulnerabilities
Joomla! Core Security Bypass (2.5.0 - 3.8.7)
WordPress Plugin Motors-Car Dealer & Classified Ads Multiple Vulnerabilities (1.4.0)
WordPress Plugin Blog Designer Cross-Site Scripting (1.8.11)
Java Unspesificed Vulnerability (CVE-2018-2964)
WordPress Plugin Car Demon Multiple Cross-Site Scripting Vulnerabilities (1.0.1)