CSRF in Vestacp Vesta_control_panel
CVE-2015-2861
Cross-site request forgery (CSRF) vulnerability in Vesta Control Panel before 0.9.8-14 allows remote attackers to hijack the authentication of arbitrary users.
Vulnerability class: CSRF (Cross-Site Request Forgery)
EPSS: 0.012 (64.7th percentile) — read the EPSS interpretation.
Affected products
- Vestacp Vesta_control_panel
- N/a — versions n/a
Weakness classification (CWE)
References
- cret@cert.org (vdb-entry, x_refsource_BID)
- cret@cert.org (x_refsource_CONFIRM, Vendor Advisory)
- cret@cert.org (US Government Resource, x_refsource_CERT-VN, Third Party Advisory, third-party-advisory)
- cret@cert.org (x_refsource_CONFIRM)