CSRF Vulnerability in atmail before 7.8.0.2 Allows SMTP Hostname Manipulation and Email Hijacking

CSRF Vulnerability in atmail before 7.8.0.2 Allows SMTP Hostname Manipulation and Email Hijacking

CVE-2017-9518 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

atmail before 7.8.0.2 has CSRF, allowing an attacker to change the SMTP hostname and hijack all emails.

Learn more about our Web Application Penetration Testing UK.