CVE-2014-0168 – Jolokia: cross-site request forgery (CSRF)

https://notcve.org/view.php?id=CVE-2014-0168

02 Oct 2014 — Cross-site request forgery (CSRF) vulnerability in Jolokia before 1.2.1 allows remote attackers to hijack the authentication of users for requests that execute MBeans methods via a crafted web page. Vulnerabilidad de CSRF en Jolokia anterior a 1.2.1 permite a atacantes remotos secuestrar la autenticación de usuarios para solicitudes que ejecutan métodos MBeans a través de una página web manipulada. It was found that Jolokia was vulnerable to Cross-Site Request Forgery (CSRF) attacks. A remote attacker could... • http://rhn.redhat.com/errata/RHSA-2014-1351.html • CWE-352: Cross-Site Request Forgery (CSRF) •