Security Vulnerabilities, CVEs, Published In September 2011 (CSRF) CVSS score >= 5
Cross-site request forgery (CSRF) vulnerability in Phorum before 5.2.16 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.
Max CVSS
6.8
EPSS Score
0.11%
Published
2011-09-08
Updated
2011-09-14
JasperServer in JasperReports Server Community Project 3.7.0 and 3.7.1 uses a predictable _flowExecutionKey parameter, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via a brute-force approach.
Max CVSS
6.8
EPSS Score
1.48%
Published
2011-09-20
Updated
2017-08-17
2 vulnerabilities found