User: Password:
Subscribe / Log in / New account

egroupware: cross site request forgery

Package(s):egroupware CVE #(s):
Created:May 19, 2014 Updated:May 21, 2014
Description: From the Mageia advisory:

eGroupWare before 1.8.007 allows logged in users with administrative privileges to remotely execute arbitrary commands on the server. It is also vulnerable to a cross site request forgery vulnerability that allows creating new administrative users.

Mandriva MDVSA-2014:104 egroupware 2014-05-16
Mageia MGASA-2014-0221 egroupware 2014-05-17

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds