N/A

The absence of Anti-CSRF tokens in Trend Micro ScanMail for Exchange 12.0 web interface forms could allow an attacker to submit authenticated requests when an authenticated user browses an attacker-controlled domain.

N/A

N/A

Trend Micro ScanMail for Exchange 跨站请求伪造漏洞

Trend Micro ScanMail for Exchange是美国趋势科技（Trend Micro）开发和维护的一套专为保护Exchange邮件服务器免遭病毒、间谍软件和垃圾邮件的威胁而设计的邮件防火墙解决方案。 Trend Micro ScanMail for Exchange 12.0版本中的Web界面存在跨站请求伪造漏洞，该漏洞源于程序缺少反跨站请求伪造令牌。远程攻击者可利用该漏洞执行未授权的操作。

N/A

N/A