CVE-2013-6443

2014-01-23T01:55:00
ID CVE-2013-6443
Type cve
Reporter cve@mitre.org
Modified 2014-01-23T18:18:00

Description

CloudForms 3.0 Management Engine before 5.2.1.6 allows remote attackers to bypass the Ruby on Rails protect_from_forgery mechanism and conduct cross-site request forgery (CSRF) attacks via a destructive action in a request.