2 matches found
CVE-2015-3191
CVE-2015-3191 is a CSRF vulnerability in the Cloud Foundry UAA change_email endpoint. Affected are Cloud Foundry cf-release versions prior to v210 and UAA standalone deployments prior to 2.3.0 (specifically UAA 2.2.6 or earlier; cf-release v209 or earlier). The issue allows an attacker to trigger...
CVE-2015-3191 - CSRF attack on change email | Cloud Foundry
CVE-2015-3191 – CSRF attack on change email Low Vendor Cloud Foundry Foundation Versions Affected cf-release versions prior to v210 UAA versions prior to 2.3.0 Description The changeemail form in UAA is vulnerable to a CSRF attack. This allows an attacker to trigger an e-mail change for a user...