CVE-2018-10884
CVE-2018-10884 affects Ansible Tower before 3.1.8 and before 3.2.6, where a CSRF flaw in awx/api/authentication.py allows an attacker to trick authenticated users into visiting a malicious page and hijack the authtoken cookie. Evidence from multiple sources confirms the vulnerable versions and th...