Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistRedhatCVELIST:CVE-2012-4386
HistorySep 05, 2012 - 11:00 p.m.

CVE-2012-4386

2012-09-0523:00:00
redhat
raw.githubusercontent.com
1

6.6 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

56.0%

JSON

The token check mechanism in Apache Struts 2.0.0 through 2.3.4 does not properly validate the token name configuration parameter, which allows remote attackers to perform cross-site request forgery (CSRF) attacks by setting the token name configuration parameter to a session attribute.

Related

github 1
cve 1
ubuntucve 1
prion 1
osv 1
openvas 1
nessus 1
ibm 2
github
github
Cross-Site Request Forgery in Apache Struts
2022-05-17 01:42:17
cve
cve
CVE-2012-4386
2012-09-05 23:55:02
ubuntucve
ubuntucve
CVE-2012-4386
2012-09-05 00:00:00
prion
prion
Cross site request forgery (csrf)
2012-09-05 23:55:00
osv
osv
Cross-Site Request Forgery in Apache Struts
2022-05-17 01:42:17
openvas
openvas
Apache Struts Security Update (S2-010, S2-011)
2021-09-14 00:00:00
nessus
nessus
Apache Struts 2.x < 2.3.4.1 Multiple Vulnerabilities (S2-010) (S2-011)
2018-09-11 00:00:00
ibm
ibm
Security Bulletin: IBM Call Center and Apache Struts Struts upgrade strategy (various CVEs, see below)
2022-09-14 17:37:56
Security Bulletin: IBM Sterling Order Management Apache Struts upgrade strategy (various CVEs, see below)
2022-09-14 17:45:15

6.6 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

56.0%

JSON
Related for CVELIST:CVE-2012-4386
github1cve1ubuntucve1prion1osv1openvas1nessus1ibm2