CSRF in Novell Imanager
CVE-2013-1088
Cross-site request forgery (CSRF) vulnerability in Novell iManager 2.7 before SP6 Patch 1 allows remote attackers to hijack the authentication of arbitrary users by leveraging improper request validation by iManager code deployed within an…
Vulnerability class: CSRF (Cross-Site Request Forgery)
EPSS: 0.003 (50.0th percentile) — read the EPSS interpretation.
Affected products
- Novell Imanager — versions 2.7, 2.7.1, 2.7.2
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
- cve@mitre.org (x_refsource_CONFIRM)