2024

2023

2022

2021

2020

2019

2018

CVE-2018-8764 (v3: 8.8) 27 Mar 2018
Roland Gruber Softwareentwicklung LDAP Account Manager before 6.3 places a CSRF token in the sec_token parameter of a URI, which makes it easier for remote attackers to defeat a CSRF protection mechanism by leveraging logging.

2017

2016

2015

CVE-2015-5395 (v3: 8.8) 20 Sep 2017
Cross-site request forgery (CSRF) vulnerability in SOGo before 3.1.0.