In the Open Build Service (OBS) before version 2.4.6 the CSRF protection is incorrectly disabled in the web interface, allowing for requests without the user's consent.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
opensuse open build service |