4 matches found
Nexpose 6.4.66 - Cross-Site Request Forgery
Nexpose 6.4.66 - Cross-Site Request Forgery Exploit Title: Cross Site Request Forgery at Nexpose Automated Actions Release Date: 2017-12-13 Exploit Author: Shwetabh Vishnoi Link: https://www.linkedin.com/in/shwetabhvishnoi Vendor Homepage: https://www.rapid7.com/ Software Link:...
Nexpose < 6.4.66 - Cross-Site Request Forgery Vulnerability
Exploit for php platform in category web applications Exploit Title: Cross Site Request Forgery at Nexpose Automated Actions Exploit Author: Shwetabh Vishnoi Link: https://www.linkedin.com/in/shwetabhvishnoi Vendor Homepage: https://www.rapid7.com/ Software Link:...
Nexpose < 6.4.66 - Cross-Site Request Forgery
Exploit Title: Cross Site Request Forgery at Nexpose Automated Actions Release Date: 2017-12-13 Exploit Author: Shwetabh Vishnoi Link: https://www.linkedin.com/in/shwetabhvishnoi Vendor Homepage: https://www.rapid7.com/ Software Link: https://www.rapid7.com/products/nexpose/download/ Tested on:...
CVE-2017-5264
CVE-2017-5264 affects Nexpose prior to 6.4.66, where the Automated Actions web application fails to validate the HTTP request source, enabling CSRF. Affected versions include 6.4.65 and older branches listed in public advisories; impact is cross-site request forgery affecting authenticated users....