CVE-2018-10099

Google Monorail before 2018-04-04 has a Cross-Site Search XS-Search vulnerability because CSV downloads are affected by CSRF, and calculations of download times for requests with duplicated columns can be used to obtain sensitive information about the content of bug reports...

Google Monorail Cross-Site Search Vulnerability

Google Monorail is an issue tracker from Google USA. A security vulnerability exists in versions of Google Monorail prior to 2018-06-07. An attacker can exploit the vulnerability by sending a request with a specially crafted 'groupby' parameter value to obtain sensitive information about bug...

Google Monorail Cross-Site Search Vulnerability (CNVD-2018-23926)

Google Monorail is an issue tracker from Google USA. A security vulnerability exists in versions of Google Monorail prior to 2018-05-04. An attacker can exploit the vulnerability to obtain sensitive information about bug reports...

Google Monorail Cross-Site Search Vulnerability (CNVD-2018-23927)

Google Monorail is an issue tracker from Google USA. A security vulnerability exists in versions of Google Monorail prior to 2018-04-04. An attacker can exploit the vulnerability to obtain sensitive information about bug reports...