Cross-site request forgery (CSRF) vulnerability in Greenbone Security Assistant (GSA) prior to 2.0+rc3 allows remote malicious users to hijack the authentication of users for requests that send email via an OMP request to OpenVAS Manager. NOTE: this issue can be leveraged to bypass authentication requirements for exploiting CVE-2011-0018.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
greenbone greenbone security assistant |