servlet/UserServlet in SearchBlox 8.6.6 has CSRF via the u_name, u_passwd1, u_passwd2, role, and X-XSRF-TOKEN POST parameters because of CSRF Token Bypass.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2018-06-01T19:00:00
Updated: 2024-08-05T08:10:14.887Z
Reserved: 2018-05-29T00:00:00
Link: CVE-2018-11538
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2018-06-01T19:29:00.300
Modified: 2018-07-03T15:28:01.650
Link: CVE-2018-11538
Redhat
No data.