CVE-2011-1911
CVE-2011-1911 affects JasperReports Server Community Project (JasperServer) versions 3.7.0 and 3.7.1. The root cause is a predictable _flowExecutionKey parameter, which enables cross-site request forgery (CSRF) through brute-forcing across requests. Impact described includes the ability for an attacker, tricking an authenticated user...