Redhat: Security Vulnerabilities, CVEs, Published In 2017 (CSRF), CVSS score >= 7
It was found that the cookie used for CSRF prevention in Keycloak was not unique to each session. An attacker could use this flaw to gain access to an authenticated user session, leading to possible information disclosure or further attacks.
Max CVSS: 7.5 | EPSS Score: 0.32% | Published: 2017-10-26 | Updated: 2019-10-09
Cross-site request forgery (CSRF) vulnerability in Red Hat JBoss BRMS and BPMS 6 allows remote attackers to hijack the authentication of users for requests that modify instances via a crafted web page.
Max CVSS: 8.8 | EPSS Score: 0.08% | Published: 2017-04-20 | Updated: 2017-04-26
Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs before 0.9.149.
Max CVSS: 8.8 | EPSS Score: 0.21% | Published: 2017-04-21 | Updated: 2023-02-12
Cross-site request forgery (CSRF) vulnerability in the jolokia API in A-MQ.
Max CVSS: 8.8 | EPSS Score: 0.15% | Published: 2017-09-25 | Updated: 2023-02-13
Cross-site request forgery (CSRF) vulnerability in the admin terminal in Hawt.io allows remote attackers to hijack the authentication of arbitrary users for requests that run commands on the Karaf server, as demonstrated by running "shutdown -f".
Max CVSS: 8.8 | EPSS Score: 0.22% | Published: 2017-12-29 | Updated: 2018-01-11
5 vulnerabilities found