Unrated severityNVD Advisory· Published Apr 25, 2013· Updated Jun 16, 2026
CVE-2013-2305
CVE-2013-2305
Description
Cross-site request forgery (CSRF) vulnerability in Cybozu Office before 8.1.6 and 9.x before 9.3.0, Cybozu Dezie before 8.0.7, and Cybozu Mailwise before 5.0.4 allows remote attackers to hijack the authentication of arbitrary users for requests that change passwords.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
21cpe:2.3:a:cybozu:cybozu_dezie:*:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:cybozu:cybozu_dezie:*:*:*:*:*:*:*:*range: <=8.0.6
- cpe:2.3:a:cybozu:cybozu_dezie:8.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:cybozu:cybozu_dezie:8.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:cybozu:cybozu_dezie:8.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:cybozu:cybozu_dezie:8.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:cybozu:cybozu_dezie:8.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:cybozu:cybozu_dezie:8.0.5:*:*:*:*:*:*:*
- (no CPE)range: <8.0.7
cpe:2.3:a:cybozu:cybozu_office:*:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:cybozu:cybozu_office:*:*:*:*:*:*:*:*range: <=8
- cpe:2.3:a:cybozu:cybozu_office:6:*:*:*:*:*:*:*
- cpe:2.3:a:cybozu:cybozu_office:7:*:*:*:*:*:*:*
- cpe:2.3:a:cybozu:cybozu_office:9:*:*:*:*:*:*:*
- cpe:2.3:a:cybozu:cybozu_office:9.2.1:*:*:*:*:*:*:*
- (no CPE)range: <8.1.6
cpe:2.3:a:cybozu:mailwise:*:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:cybozu:mailwise:*:*:*:*:*:*:*:*range: <=5.0
- cpe:2.3:a:cybozu:mailwise:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:cybozu:mailwise:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:cybozu:mailwise:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:cybozu:mailwise:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:cybozu:mailwise:3.0\(0.2\):*:*:*:*:*:*:*
- (no CPE)range: <5.0.4
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.