QwikSec

Security Database

CVE

CWE

Training

CVE-2017-6328

Published: Aug 11, 2017

Modified: Sep 16, 2024

PUBLISHED

Description

The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of cross site request forgery (also known as one-click attack and is abbreviated as CSRF or XSRF), which is a type of malicious exploit of a website where unauthorized commands are transmitted from a user that the web application trusts. A CSRF attack attempts to exploit the trust that a specific website has in a user's browser.

Vendor	Product	Versions
Symantec Corporation	Messaging Gateway	affected `All versions prior to version 10.6.3-267`

References

vdb-entry

x_refsource_BID

https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170810_00

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.