CSRF in Papercut Papercut_mf
CVE-2014-2659
Cross-site request forgery (CSRF) vulnerability in the admin UI in Papercut MF and NG before 14.1 (Build 26983) allows remote attackers to hijack the authentication of administrators via unspecified vectors.
Vulnerability class: CSRF (Cross-Site Request Forgery)
EPSS: 0.001 (24.5th percentile) — read the EPSS interpretation.
Affected products
- Papercut Papercut_mf — versions 12.0, 12.1, 12.2
- Papercut Papercut_ng — versions 12.0, 12.1, 12.2
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_CONFIRM)
- papercut-cve20142659-csrf(92648) (vdb-entry, x_refsource_XF)
- cve@mitre.org (x_refsource_CONFIRM)
- 58037 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)