Unrated severityNVD Advisory· Published Jun 18, 2015· Updated May 6, 2026

CVE-2015-2861

Description

Cross-site request forgery (CSRF) vulnerability in Vesta Control Panel before 0.9.8-14 allows remote attackers to hijack the authentication of arbitrary users.

Affected products

Vestacp/Vesta Control Panel
cpe:2.3:a:vestacp:vesta_control_panel:*:*:*:*:*:*:*:*
Range: <=0.9.8-12

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

vestacp.com/roadmap/nvdVendor Advisory
www.kb.cert.org/vuls/id/842780nvdThird Party AdvisoryUS Government Resource
www.securityfocus.com/bid/75215nvd
github.com/serghey-rodin/vesta/commit/527e4a9a62204be9b34c1338fadfe959b0fd3974nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000