CVE-2023-2533 (papercut_mf, papercut_ng)

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in
PaperCut NG/MF, which, under specific conditions, could potentially enable
an attacker to alter security settings or execute arbitrary code. This could
be exploited if the target is an admin with a current login session. Exploiting
this would typically involve the possibility of deceiving an admin into clicking
a specially crafted malicious link, potentially leading to unauthorized changes.

clicking code conditions cross-site cross-site request forgery csrf current cve enable exploited exploiting forgery login papercut request security session settings target under vulnerability