Multiple Cybozu Products Cross-Site Request Forgery Vulnerability

Multiple Cybozu products are prone a cross-site request-forgery vulnerability.

Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application. Other attacks are also possible.

Note: The information about 'Cybozu Office for Mobile' application has been moved to BID 59502 (Cybozu Office for Mobile CVE-2013-3269 Cross-Site Request Forgery Vulnerability) for better documentation.

The following products and versions are vulnerable:

Cybozu Office versions prior to 8.1.6 and 9.3.0
Cybozu Dezie versions prior to 8.0.7
Cybozu Mailwise versions prior to 5.0.4
Cybozu Mailwise versions prior to 4.0.6


Privacy Statement
Copyright 2010, SecurityFocus