Описание
Cross-Site Request Forgery in Magnolia CMS
An issue in the Login page of Magnolia CMS v6.2.3 and below allows attackers to exploit both an Open Redirect vulnerability and Cross-Site Request Forgery (CSRF) in order to brute force and exfiltrate users' credentials.
Пакеты
Наименование
info.magnolia:magnolia-core
maven
Затронутые версииВерсия исправления
< 6.2.4
6.2.4
Связанные уязвимости
CVSS3: 8.8
nvd
почти 4 года назад
An issue in the Login page of Magnolia CMS v6.2.3 and below allows attackers to exploit both an Open Redirect vulnerability and Cross-Site Request Forgery (CSRF) in order to brute force and exfiltrate users' credentials.