10 matches found
CVE-2021-28490
In OWASP CSRFGuard through 3.1.0, CSRF can occur because the CSRF cookie may be retrieved by using only a session token...
EUVD-2022-4458
Malicious code in bioql PyPI...
com.jalalkiswani:jk-faces (>=0.0.1 <=0.0.9-4), com.jalalkiswani:jk-web (>=0.0.3 <=0.0.9-2) +5 more potentially affected by CVE-2021-28490 via org.owasp:csrfguard (>=3.0.0 <=3.1.0)
org.owasp:csrfguard MAVEN version =3.0.0, =0.0.1, =0.0.3, =0.0.9, =0.0.7, =2.3.0, =2.6.10, =2.9.0-01, =2.16.0-01 Source cves: CVE-2021-28490 Source advisory: OSV:GHSA-JX66-5WW9-M6Q4...
Cross-Site Request Forgery in OWASP CSRFGuard
In OWASP CSRFGuard through 3.1.0, CSRF can occur because the CSRF cookie may be retrieved by using only a session token...
CVE-2021-28490
In OWASP CSRFGuard through 3.1.0, CSRF can occur because the CSRF cookie may be retrieved by using only a session token...
CVE-2021-28490
In OWASP CSRFGuard through 3.1.0, CSRF can occur because the CSRF cookie may be retrieved by using only a session token...
Cross-site request forgery (CSRF)
In OWASP CSRFGuard through 3.1.0, CSRF can occur because the CSRF cookie may be retrieved by using only a session token...
CVE-2021-28490
In OWASP CSRFGuard through 3.1.0, CSRF can occur because the CSRF cookie may be retrieved by using only a session token...
CVE-2021-28490
In OWASP CSRFGuard (through 3.1.0), a CSRF vulnerability exists where the CSRF cookie can be retrieved using only a session token. This results from the cookie handling logic enabling CSRF token exposure via a session token, enabling CSRF attacks under network conditions with no authentication re...
OWASP CSRFGuard Cross-Site Request Forgery Vulnerability
OWASP CSRFGuard is a library from the OWASP Foundation in the United States that implements a variant of the Synchronizer Token Pattern to mitigate the risk of cross-site request forgery (CSRF) attacks. A cross-site request forgery (CSRF) vulnerability exists in OWASP CSRFGuard 3.1.0 and earlier...