Cross-Site Request Forgery Vulnerability in Papercut MF and NG Admin UI
CVE-2014-2659

Currently unrated

Key Information:

Vendor: Papercut
Status: Papercut Ng; Papercut Mf
Vendor: CVE Published:; 22 April 2014

What is CVE-2014-2659?

Papercut MF and NG contain a CSRF vulnerability in their admin user interface, enabling remote attackers to execute unauthorized actions on behalf of administrators. This can lead to session hijacking through various unspecified methods, posing a significant risk to the integrity of administrative sessions. Users of these products should ensure they are running the latest versions to mitigate the threat.

References

http://www.papercut-mf.com/release-history/

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/92648

vdb-entryx_refsource_XF

http://www.papercut.com/release-history/

x_refsource_CONFIRM

Timeline

Vulnerability published
Apr 22, 2014
Vulnerability Reserved
Mar 26, 2014