CVE-2013-2305 Information

Description

Cross-site request forgery (CSRF) vulnerability in Cybozu Office before 8.1.6 and 9.x before 9.3.0 Cybozu Dezie before 8.0.7 and Cybozu Mailwise before 5.0.4 allows remote attackers to hijack the authentication of arbitrary users for requests that change passwords.

Reference

http://cs.cybozu.co.jp/information/20130415up10.php http://jvn.jp/en/jp/JVN06251813/374951/index.html http://jvn.jp/en/jp/JVN06251813/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2013-000034