2 matches found
CVE-2015-2878
Multiple cross-site request forgery CSRF vulnerabilities in Hexis HawkEye G 3.0.1.4912 allow remote attackers to hijack the authentication of administrators for requests that 1 add arbitrary accounts via the name parameter to interface/rest/accounts/json; turn off the 2 Url matching, 3 DNS Inject...
CVE-2015-2878
Multiple cross-site request forgery CSRF vulnerabilities in Hexis HawkEye G 3.0.1.4912 allow remote attackers to hijack the authentication of administrators for requests that 1 add arbitrary accounts via the name parameter to interface/rest/accounts/json; turn off the 2 Url matching, 3 DNS Inject...