Cross-Site Request Forgery (CSRF) Vulnerabilities in Novell Filr Administrative Interface

Cross-Site Request Forgery (CSRF) Vulnerabilities in Novell Filr Administrative Interface

CVE-2016-1607 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

Multiple cross-site request forgery (CSRF) vulnerabilities in the administrative interface in Novell Filr before 2.0 Security Update 2 allow remote attackers to hijack the authentication of administrators, as demonstrated by reconfiguring time settings via a vaconfig/time request.

Learn more about our Web Application Penetration Testing UK.