3 matches found
CVE-2019-5630
A Cross-Site Request Forgery CSRF vulnerability was found in Rapid7 Nexpose InsightVM Security Console versions 6.5.0 through 6.5.68. This issue allows attackers to exploit CSRF vulnerabilities on API endpoints using Flash to circumvent a cross-domain pre-flight OPTIONS request...
CVE-2019-5630
CVE-2019-5630 affects Rapid7 Nexpose InsightVM Security Console. The vulnerability is a Cross-Site Request Forgery (CSRF) in API endpoints that can be exploited via Flash to bypass a cross-domain pre-flight OPTIONS request. Affected versions are 6.5.0 through 6.5.68. The issue arises from insuffi...
CVE-2019-5630 Rapid7 Nexpose/InsightVM Security Console CSRF
A Cross-Site Request Forgery CSRF vulnerability was found in Rapid7 Nexpose InsightVM Security Console versions 6.5.0 through 6.5.68. This issue allows attackers to exploit CSRF vulnerabilities on API endpoints using Flash to circumvent a cross-domain pre-flight OPTIONS request...