Jasperforge : Security Vulnerabilities, CVEs,
JasperServer in JasperReports Server Community Project 3.7.0 and 3.7.1 uses a predictable _flowExecutionKey parameter, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via a brute-force approach.
Max CVSS
6.8
EPSS Score
1.48%
Published
2011-09-20
Updated
2017-08-17
1 vulnerabilities found