2 matches found
CVE-2014-4865
CSRF in CacheGuard OS 5.7.7 affects /gui/password-wadmin.apl allowing an attacker to hijack authenticated sessions. Root cause: missing CSRF validation in that endpoint; impact includes potential privilege/user authentication manipulation with partial confidentiality/ integrity/availability. CVSS...
CacheGuard OS contains a cross-site request forgery vulnerability
Overview CacheGuard OS v5.7.7 does not sufficiently verify whether a valid request was intentionally provided by the user, which results in a cross-site request forgery CSRF vulnerability. Description CWE-352: Cross-Site Request Forgery CSRF CacheGuard OS v5.7.7 does not sufficiently verify wheth...