CVE-2018-19334
CVE-2018-19334 affects Google Monorail prior to 2018-05-04, exposing Cross-Site Search (XS-Search) via CSV downloads that are CSRF-protected inappropriately. The root cause is CSRF-assisted CSV download handling and calculations of download times for requests with an unsupported axis, which can r...