WhiteSource Vulnerability Database
What is a CVE vulnerability ID? What is a WS vulnerability ID?New vulnerability? Tell us about it!
We found results for “”
Good to know:
Date: October 14, 2015
The HTML_Quickform library, as used in Revive Adserver before 3.2.2, allows remote attackers to bypass the CSRF protection mechanism via an empty token.
Related Resources (5)
Weakness Type (CWE)
Cross-Site Request Forgery (CSRF)CWE-352
Upgrade to version v3.2.2
|Access Vector (AV):||NETWORK|
|Access Complexity (AC):||MEDIUM|