VYPR
High severity8.8OSV Advisory· Published Mar 27, 2018· Updated Jun 17, 2026

CVE-2018-8764

CVE-2018-8764

Description

Roland Gruber Softwareentwicklung LDAP Account Manager before 6.3 places a CSRF token in the sec_token parameter of a URI, which makes it easier for remote attackers to defeat a CSRF protection mechanism by leveraging logging.

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.