1 results (0.003 seconds)
CVSS: 6.8EPSS: 0%CPEs: 7EXPL: 3
CVE-2013-6826 – Fortinet FortiAnalyzer - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2013-6826
cgi-bin/module//sysmanager/admin/SYSAdminUserDialog in Fortinet FortiAnalyzer before 5.0.5 does not properly validate the csrf_token parameter, which allows remote attackers to perform cross-site request forgery (CSRF) attacks. cgi-bin/module/sysmanager/admin/SYSAdminUserDialog en Fortinet FortiAnalyzer anterior a la versión 5.0.5 no valida adecuadamente el parámetro csrf_token, lo que permite a atacantes remotos realizar ataques de CSRF. • https://www.exploit-db.com/exploits/38824 http://packetstormsecurity.com/files/123980/fortianalyzer-xsrf.txt http://www.securityfocus.com/bid/63663 • CWE-352: Cross-Site Request Forgery (CSRF) •