Multiple Cybozu Products Cross-Site Request Forgery Vulnerability
Multiple Cybozu products are prone a cross-site request-forgery vulnerability.
Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application. Other attacks are also possible.
Note: The information about 'Cybozu Office for Mobile' application has been moved to BID 59502 (Cybozu Office for Mobile CVE-2013-3269 Cross-Site Request Forgery Vulnerability) for better documentation.
The following products and versions are vulnerable:
Cybozu Office versions prior to 8.1.6 and 9.3.0
Cybozu Dezie versions prior to 8.0.7
Cybozu Mailwise versions prior to 5.0.4
Cybozu Mailwise versions prior to 4.0.6