A flaw was found in Infinispan version 10, where it is possible to perform various actions that could have side effects using GET requests. This flaw allows an attacker to perform a cross-site request forgery (CSRF) attack.
References
Link | Resource |
---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=1846293 | Issue Tracking Third Party Advisory |
https://security.netapp.com/advisory/ntap-20210827-0003/ | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2021-06-02T11:02:53
Updated: 2021-08-27T06:07:14
Reserved: 2020-03-20T00:00:00
Link: CVE-2020-10771
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-06-02T12:15:07.397
Modified: 2021-11-30T13:54:37.087
Link: CVE-2020-10771
JSON object: View
Redhat Information
No data.
CWE