Lucene search
K

5 matches found

0day.today
0day.today
added 2018/01/28 12:0 a.m.48 views

KeystoneJS < 4.0.0-beta.7 - Cross-Site Request Forgery Vulnerability

Exploit for jsp platform in category web applications Exploit Title: Application wide CSRF Bypass Date: Sep, 2017 Exploit Author: Saurabh Banawar Vendor Homepage: http://keystonejs.com/ Software Link: https://github.com/keystonejs/keystone Version: 4.0.0 Tested on: Windows 8.1 CVE : 2017-16570...

6.8CVSS0.1AI score0.02213EPSS
Exploits2
Exploit DB
Exploit DB
added 2018/01/28 12:0 a.m.66 views

KeystoneJS &lt; 4.0.0-beta.7 - Cross-Site Request Forgery

Exploit Title: Application wide CSRF Bypass Date: Sep, 2017 Exploit Author: Saurabh Banawar Vendor Homepage: http://keystonejs.com/ Software Link: https://github.com/keystonejs/keystone Version: 4.0.0 Tested on: Windows 8.1 CVE : 2017-16570 Link: https://vuldb.com/?id.109170 Exploit:...

7AI score
Exploits0
exploitpack
exploitpack
added 2018/01/28 12:0 a.m.27 views

KeystoneJS 4.0.0-beta.7 - Cross-Site Request Forgery

KeystoneJS 4.0.0-beta.7 - Cross-Site Request Forgery Exploit Title: Application wide CSRF Bypass Date: Sep, 2017 Exploit Author: Saurabh Banawar Vendor Homepage: http://keystonejs.com/ Software Link: https://github.com/keystonejs/keystone Version: 4.0.0 Tested on: Windows 8.1 CVE : 2017-16570 Lin...

0.7AI score
Exploits0
NVD
NVD
added 2017/11/06 8:29 a.m.29 views

CVE-2017-16570

KeystoneJS before 4.0.0-beta.7 allows application-wide CSRF bypass by removing the CSRF parameter and value, aka SecureLayer7 issue number SL7KEYJS03. In other words, it fails to reject requests that lack an x-csrf-token header...

8.8CVSS8.7AI score0.02213EPSS
Exploits2References4
CVE
CVE
added 2017/11/06 8:0 a.m.64 views

CVE-2017-16570

KeystoneJS vulnerability CVE-2017-16570 affects KeystoneJS before 4.0.0-beta.7. The issue is a Cross-Site Request Forgery (CSRF) bypass where requests can bypass CSRF protection by removing the CSRF parameter/value, effectively not rejecting requests that lack an X-CSRF-Token header. Public detai...

8.8CVSS8.6AI score0.02213EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder