Cross-site request forgery (CSRF) vulnerability in Rapid7 Nexpose Security Console prior to 5.5.4 allows remote malicious users to hijack the authentication of unspecified victims for requests that delete scan data and sites via a request to data/site/delete.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
rapid7 nexpose |
||
rapid7 nexpose 5.5.1 |
||
rapid7 nexpose 5.4.12 |
||
rapid7 nexpose 5.4.11 |
||
rapid7 nexpose 5.4.10 |
||
rapid7 nexpose 5.4.5 |
||
rapid7 nexpose 5.4.4 |
||
rapid7 nexpose 5.4.3 |
||
rapid7 nexpose 5.4.2 |
||
rapid7 nexpose 5.4.9 |
||
rapid7 nexpose 5.4.7 |
||
rapid7 nexpose 5.4 |
||
rapid7 nexpose 5.4.8 |
||
rapid7 nexpose 5.4.6 |
||
rapid7 nexpose 5.4.1 |