CVE-2020-5900 · Vexday

CVE-2020-5900

EPSS 0.5%

In versions 3.0.0-3.4.0, 2.0.0-2.9.0, and 1.0.1, there is insufficient cross-site request forgery (CSRF) protections for the NGINX Controller user interface.

Affected products

n/a · NGINX Controller

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://support.f5.com/csp/article/K31044532