Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in MDaemon before 20.0.4. Remote Administration allows an attacker to perform a fixation of the anti-CSRF token. In order to exploit this issue, the user has to click on a malicious URL provided by the attacker and successfully authenticate into the application. Having the value of the anti-CSRF token, the attacker may trick the user into visiting his malicious page and performing any request with the privileges of attacked user.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
MDaemon Webmail 跨站请求伪造漏洞
Vulnerability Description
MDaemon Webmail是美国MDaemon公司的一款用于提供邮件服务的服务端应用。 MDaemon Webmail 20.0.4之前版本存在安全漏洞,该漏洞允许攻击者固定anti-CSRF令牌。
CVSS Information
N/A
Vulnerability Type
N/A