Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2020-15776
HistorySep 18, 2020 - 2:15 p.m.

Cross site request forgery (csrf)

2020-09-1814:15:00
PRIOn knowledge base
www.prio-n.com
3

8.7 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

79.4%

JSON

An issue was discovered in Gradle Enterprise 2018.2 - 2020.2.4. The CSRF prevention token is stored in a request cookie that is not annotated as HttpOnly. An attacker with the ability to execute arbitrary code in a user’s browser could impose an arbitrary value for this token, allowing them to perform cross-site request forgery.

CPENameOperatorVersion
enterprisege2018.2
enterprisele2020.2.4

Related

cvelist 1
cve 1
nvd 1
cvelist
cvelist
CVE-2020-15776
2020-09-18 13:16:05
cve
cve
CVE-2020-15776
2020-09-18 14:15:12
nvd
nvd
CVE-2020-15776
2020-09-18 14:15:12

8.7 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

79.4%

JSON
Related for PRION:CVE-2020-15776
cvelist1cve1nvd1