Description
Multiple cross-site request forgery (CSRF) vulnerabilities in Mutare EVM allow remote attackers to hijack the authentication of arbitrary users for requests that (1) change a PIN, (2) delete messages, (3) add a delivery address, or (4) change a delivery address.
References (4)
Core 4
Core References
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/136612
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/46537
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0476
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/43483
Scores
EPSS
0.0068
EPSS Percentile
48.0%
Details
CWE
CWE-352
Status
published
Products (1)
mutare/evm
Published
Feb 28, 2011
Tracked Since
Feb 18, 2026