CVE-2018-8764

Published: 2018-03-27T16:29Z

Last Modified: 2024-11-21T04:14Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Roland Gruber Softwareentwicklung LDAP Account Manager before 6.3 places a CSRF token in the sec_token parameter of a URI, which makes it easier for remote attackers to defeat a CSRF protection mechanism by leveraging logging. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt