Cross-site request forgery (CSRF) vulnerability in MailEnable Professional before 2.37 allows remote attackers to modify arbitrary configurations and perform unauthorized actions as arbitrary users via a link or IMG tag.Referenceshttp://securityreason.com/securityalert/2258http://secunia.com/advisories/23998http://www.securityfocus.com/archive/1/460063/100/0/threadedhttp://osvdb.org/33191http://www.vupen.com/english/advisories/2007/0595http://secunia.com/secunia_research/2007-38/advisory/http://www.securityfocus.com/bid/22554
