CVE-2021-28490

CVE-2021-28490

EPSS 0.5%

In OWASP CSRFGuard through 3.1.0, CSRF can occur because the CSRF cookie may be retrieved by using only a session token.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/reidmefirst/vuln-disclosure/blob/main/2021-01.txt https://owasp.org/www-project-csrfguard/