Cross-site request forgery (CSRF) vulnerability in Jolokia before 1.2.1 allows remote attackers to hijack the authentication of users for requests that execute MBeans methods via a crafted web page.
References
Link | Resource |
---|---|
http://rhn.redhat.com/errata/RHSA-2014-1351.html | Vendor Advisory |
https://github.com/rhuss/jolokia/commit/2d9b168cfbbf5a6d16fa6e8a5b34503e3dc42364 | Exploit |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2014-10-06T14:00:00
Updated: 2014-10-06T13:57:01
Reserved: 2013-12-03T00:00:00
Link: CVE-2014-0168
JSON object: View
NVD Information
Status : Analyzed
Published: 2014-10-06T14:55:08.250
Modified: 2014-10-07T15:20:13.237
Link: CVE-2014-0168
JSON object: View
Redhat Information
No data.
CWE