Vulnerability CVE-2018-6563

Vulnerability CVE-2018-6563

Published: 2018-06-20

Description:

	Topic	Author	Date
Low	Totemomail Encryption Gateway 6.0.0_Build_371 Cross Site Request Forgery	Nicolas Heiniger	16.05.2018

Type:

(Cross-Site Request Forgery (CSRF))

CVSS Base Score	Impact Subscore	Exploitability Subscore
6.8/10	6.4/10	8.6/10

Affected software
Totemo -> Encryption gateway

http://packetstormsecurity.com/files/147648/Totemomail-Encryption-Gateway-6.0.0_Build_371-Cross-Site-Request-Forgery.html

http://www.securityfocus.com/archive/1/542015/100/0/threaded

https://www.compass-security.com/fileadmin/Datein/Research/Advisories/CSNC-2018-003_totemo_csrf.txt

https://www.exploit-db.com/exploits/44631/