Trend Micro IMSVA CSRF / XML Injection / SSRF / File Disclosure
Posted on 05 November 2020
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) versions prior to 9.1.0 Critical Patch Build 2025 suffer from XML injection, over-privileged access, cross site request forgery, file disclosure, server-side request forgery, information leakage, and various other vulnerabilities.