Описание
Hawtio versions up to and including 1.5.3 are vulnerable to CSRF vulnerability allowing remote attackers to trick the user to visit their website containing a malicious script which can be submitted to hawtio server on behalf of the user.
Ссылки
- Third Party AdvisoryVDB Entry
- Issue TrackingThird Party Advisory
- Third Party AdvisoryVDB Entry
- Issue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:hawt:hawtio:1.5.3:*:*:*:*:*:*:*
EPSS
Процентиль: 48%
0.0025
Низкий
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-352
CWE-352
Связанные уязвимости
CVSS3: 5.3
redhat
больше 8 лет назад
Hawtio versions up to and including 1.5.3 are vulnerable to CSRF vulnerability allowing remote attackers to trick the user to visit their website containing a malicious script which can be submitted to hawtio server on behalf of the user.
EPSS
Процентиль: 48%
0.0025
Низкий
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-352
CWE-352