Lucene search
PRIOn knowledge basePRION:CVE-2016-4311HistoryFeb 17, 2017 - 2:59 a.m.
Cross site request forgery (csrf)
2017-02-1702:59:00
PRIOn knowledge base
www.prio-n.com
3
Cross-site request forgery (CSRF) vulnerability in the XACML flow feature in WSO2 Identity Server 5.1.0 allows remote attackers to hijack the authentication of privileged users for requests that process XACML requests via an entitlement/eval-policy-submit.jsp request.
| CPE | Name | Operator | Version |
|---|---|---|---|
| identity_server | eq | 5.1.0 |
References
hyp3rlinx.altervista.org/advisories/WSO2-IDENTITY-SERVER-v5.1.0-XML-External-Entity.txt
packetstormsecurity.com/files/138329/WSO2-Identity-Server-5.1.0-XML-Injection.html
www.securityfocus.com/archive/1/539199/100/0/threaded
www.securityfocus.com/bid/92485
docs.wso2.com/display/Security/Security+Advisory+WSO2-2016-0096
www.exploit-db.com/exploits/40239/
Related
nvd
nvd
CVE-2016-4311
2017-02-17 02:59:11
CVE-2016-4312
2017-02-17 02:59:11
cvelist
cvelist
CVE-2016-4311
2017-02-16 18:00:00
CVE-2016-4312
2017-02-16 18:00:00
cve
cve
CVE-2016-4311
2017-02-17 02:59:11
CVE-2016-4312
2017-02-17 02:59:11
openvas
openvas
WSO2 Identity Server CSRF And XXE Vulnerabilities
2016-10-10 00:00:00
packetstorm
packetstorm
WSO2 Identity Server 5.1.0 XML Injection
2016-08-13 00:00:00
prion
prion
Server side request forgery (ssrf)
2017-02-17 02:59:00
exploitpack
exploitpack
WSO2 Identity Server 5.1.0 - Multiple Vulnerabilities
2016-08-16 00:00:00
zdt
zdt
WSO2 Identity Server 5.1.0 - Multiple Vulnerabilities
2016-08-16 00:00:00
exploitdb
exploitdb
WSO2 Identity Server 5.1.0 - Multiple Vulnerabilities
2016-08-16 00:00:00