CloudForms 3.0 Management Engine prior to 5.2.1.6 allows remote malicious users to bypass the Ruby on Rails protect_from_forgery mechanism and conduct cross-site request forgery (CSRF) attacks via a destructive action in a request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat cloudforms 3.0 |
||
redhat cloudforms 3.0 management engine 5.2 |
||
redhat cloudforms 3.0 management engine |