Cross-Site Request Forgery Vulnerability in Vesta Control Panel by VestaCP
CVE-2015-2861

Currently unrated

Key Information:

Vendor: Vestacp
Status: Vesta Control Panel
Vendor: CVE Published:; 18 June 2015

What is CVE-2015-2861?

A Cross-site request forgery vulnerability exists in Vesta Control Panel (versions prior to 0.9.8-14) that could be exploited by remote attackers. This flaw allows an attacker to hijack the authentication of arbitrary users, potentially granting unauthorized access to sensitive functionalities. It is crucial for administrators to ensure updates are applied to mitigate the risk associated with this vulnerability.

References

http://www.securityfocus.com/bid/75215

vdb-entryx_refsource_BID

http://vestacp.com/roadmap/#history

x_refsource_CONFIRM

http://www.kb.cert.org/vuls/id/842780

third-party-advisoryx_refsource_CERT-VN

Timeline

Vulnerability published
Jun 18, 2015
Vulnerability Reserved
Apr 3, 2015

JSON

Vestacp

What is CVE-2015-2861?

References

Timeline