2 matches found
com.nesscomputing.components:ness-event-server (>=1.0.0 <=1.1.1), com.nesscomputing.components:ness-httpserver (>=1.0.0 <=2.3.4) +37 more potentially affected by CVE-2014-0168 via org.jolokia:jolokia-core (>=1.0.0 <=1.2.0)
org.jolokia:jolokia-core MAVEN version =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =5.8.0-NESS-1, =1.0.0, =1.4.1, =1.0.0, =1.0.0, =1.2.0, =1.1, =1.1.0.Beta1, =1.1.0.Beta4 and more Source cves: CVE-2014-0168 Source advisory: OSV:GHSA-FJHW-8222-G2HG...
CVE-2014-0168
Cross-site request forgery CSRF vulnerability in Jolokia before 1.2.1 allows remote attackers to hijack the authentication of users for requests that execute MBeans methods via a crafted web page...