AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2015-2769: Multiple cross-site request forgery (CSRF) vulnerabilities in the Personal Email Manager (PEM) in Websense TRITON AP-EMA

infovulnerability

security

Source: NVD/CVE DatabaseMarch 27, 2015CVE-2015-2769

Summary

Websense TRITON AP-EMAIL versions before 8.0.0 contain multiple CSRF vulnerabilities (cross-site request forgery, a type of attack where an attacker tricks a user into performing unwanted actions on a website where they're logged in) in its Personal Email Manager feature that could allow attackers to take over user accounts. The exact details of how the attack works are not publicly disclosed.

Solution / Mitigation

Update Websense TRITON AP-EMAIL to version 8.0.0 or later, as indicated by the vendor advisory at http://www.websense.com/support/article/kbarticle/Vulnerabilities-resolved-in-TRITON-APX-Version-8-0.

Vulnerability Details

CVSS Score

6.8

EPSS (30-day exploit probability)

EPSS: 0.1%

Classification

Attack SophisticationModerate

Taxonomy References

CWE (Weakness Type)

CWE-352

Original source: https://nvd.nist.gov/vuln/detail/CVE-2015-2769

First tracked: February 15, 2026 at 08:45 PM

Classified by LLM (prompt v3) · confidence: 95%