CVE-2014-0594
CSRF protection incorrectly disabled
In the Open Build Service (OBS) before version 2.4.6 the CSRF protection is incorrectly disabled in the web interface, allowing for requests without the user's consent.
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Productos afectados
openSUSE · Open Build Service¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →