cve/CVE-2018-7634.md at f0ac04d7677853df048666db730bdfce74d87780

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 01:04:30 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

An issue was discovered in Enalean Tuleap 9.17. Lack of CSRF attack mitigation while changing an e-mail address makes it possible to abuse the functionality by attackers. By making a CSRF attack, an attacker could make a victim change his registered e-mail address on the application, leading to account takeover.

POC

Reference

https://mustafairan.wordpress.com/2018/03/05/tuleap-mail-change-csrf-vulnerability-leads-to-account-takeover/

Github

No PoCs found on GitHub currently.

843 B Raw Blame History

CVE-2018-7634

Description

POC

Reference

Github

843 B

Raw Blame History