1 matches found
Cross site request forgery (csrf)
Open Web Analytics OWA before 1.5.6 improperly generates random nonce values, which makes it easier for remote attackers to bypass a CSRF protection mechanism by leveraging knowledge of an OWA user name...