Vulnerabilities > Atmail > High

DATE CVE VULNERABILITY TITLE RISK
2017-06-08 CVE-2017-9519 Cross-Site Request Forgery (CSRF) vulnerability in Atmail
atmail before 7.8.0.2 has CSRF, allowing an attacker to create a user account.
network
low complexity
atmail CWE-352
8.8
8.8
2017-06-08 CVE-2017-9518 Cross-Site Request Forgery (CSRF) vulnerability in Atmail
atmail before 7.8.0.2 has CSRF, allowing an attacker to change the SMTP hostname and hijack all emails.
network
low complexity
atmail CWE-352
8.8
8.8
2017-06-08 CVE-2017-9517 Cross-Site Request Forgery (CSRF) vulnerability in Atmail
atmail before 7.8.0.2 has CSRF, allowing an attacker to upload and import users via CSV.
network
low complexity
atmail CWE-352
8.8
8.8