CSRF Vulnerability in SocketMail Pro 2.2.9 Allows Unauthorized User Security Question Modification

CVE-2012-4059 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Cross-site request forgery (CSRF) vulnerability in home/secretqtn.php in SocketMail Pro 2.2.9 allows remote attackers to hijack the authentication of arbitrary users for requests that change user security questions and answers via an upd action.

Learn more about our User Device Pen Test.