An issue exists in LabKey Server 19.1.0. It is possible to force a logged-in administrator to execute code through a /reports-viewScriptReport.view CSRF vulnerability.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
labkey labkey server 19.1.0 |