CSRF Vulnerability in SocketMail Pro 2.2.9 Allows Unauthorized User Security Question Modification
CVE-2012-4059 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
Cross-site request forgery (CSRF) vulnerability in home/secretqtn.php in SocketMail Pro 2.2.9 allows remote attackers to hijack the authentication of arbitrary users for requests that change user security questions and answers via an upd action.
Learn more about our User Device Pen Test.