CVE-2015-6493

Infinite Automation Systems Mango Automation - CSRF

Title source: rule

Description

Cross-site request forgery (CSRF) vulnerability in Infinite Automation Mango Automation 2.5.x and 2.6.x through 2.6.0 build 430 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors.

Exploits (1)

exploitdb WORKING POC

webappsjsp

https://www.exploit-db.com/exploits/38338

View on exploitdb

References (1)

[Patch, Third Party Advisory, US Government Resource] https://ics-cert.us-cert.gov/advisories/ICSA-15-300-02

Scores

EPSS 0.0032

EPSS Percentile 54.6%

Classification

CWE

CWE-352

Status draft

Affected Products (3)

infinite_automation_systems/mango_automation

Timeline

Published Oct 28, 2015

Tracked Since Feb 18, 2026