VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Apr 22, 2014· Updated May 6, 2026

CVE-2014-2659

CVE-2014-2659

Description

Cross-site request forgery (CSRF) vulnerability in the admin UI in Papercut MF and NG before 14.1 (Build 26983) allows remote attackers to hijack the authentication of administrators via unspecified vectors.

Affected products

28
  • Papercut/Papercut Mf14 versions
    cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*+ 13 more
    • cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:*range: <=14.1
    • cpe:2.3:a:papercut:papercut_mf:12.0:*:*:*:*:*:*:*
    • cpe:2.3:a:papercut:papercut_mf:12.1:*:*:*:*:*:*:*
    • cpe:2.3:a:papercut:papercut_mf:12.2:*:*:*:*:*:*:*
    • cpe:2.3:a:papercut:papercut_mf:12.3:*:*:*:*:*:*:*
    • cpe:2.3:a:papercut:papercut_mf:12.4:*:*:*:*:*:*:*
    • cpe:2.3:a:papercut:papercut_mf:12.5:*:*:*:*:*:*:*
    • cpe:2.3:a:papercut:papercut_mf:13.0:*:*:*:*:*:*:*
    • cpe:2.3:a:papercut:papercut_mf:13.1:*:*:*:*:*:*:*
    • cpe:2.3:a:papercut:papercut_mf:13.2:*:*:*:*:*:*:*
    • cpe:2.3:a:papercut:papercut_mf:13.3:*:*:*:*:*:*:*
    • cpe:2.3:a:papercut:papercut_mf:13.4:*:*:*:*:*:*:*
    • cpe:2.3:a:papercut:papercut_mf:13.5:*:*:*:*:*:*:*
    • cpe:2.3:a:papercut:papercut_mf:14.0:*:*:*:*:*:*:*
  • Papercut/Papercut Ng14 versions
    cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*+ 13 more
    • cpe:2.3:a:papercut:papercut_ng:*:*:*:*:*:*:*:*range: <=14.1
    • cpe:2.3:a:papercut:papercut_ng:12.0:*:*:*:*:*:*:*
    • cpe:2.3:a:papercut:papercut_ng:12.1:*:*:*:*:*:*:*
    • cpe:2.3:a:papercut:papercut_ng:12.2:*:*:*:*:*:*:*
    • cpe:2.3:a:papercut:papercut_ng:12.3:*:*:*:*:*:*:*
    • cpe:2.3:a:papercut:papercut_ng:12.4:*:*:*:*:*:*:*
    • cpe:2.3:a:papercut:papercut_ng:12.5:*:*:*:*:*:*:*
    • cpe:2.3:a:papercut:papercut_ng:13.0:*:*:*:*:*:*:*
    • cpe:2.3:a:papercut:papercut_ng:13.1:*:*:*:*:*:*:*
    • cpe:2.3:a:papercut:papercut_ng:13.2:*:*:*:*:*:*:*
    • cpe:2.3:a:papercut:papercut_ng:13.3:*:*:*:*:*:*:*
    • cpe:2.3:a:papercut:papercut_ng:13.4:*:*:*:*:*:*:*
    • cpe:2.3:a:papercut:papercut_ng:13.5:*:*:*:*:*:*:*
    • cpe:2.3:a:papercut:papercut_ng:14.0:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

4

News mentions

0

No linked articles in our index yet.