SearchBlox Cross-Site Request Forgery Vulnerability (CNVD-2018-13281)

SearchBlox is the U.S. SearchBlox company a set of open source and free of charge based on Lucene full-text search engine toolkit to build enterprise search and analytics solutions. The program provides a Web-based management interface , you can manage the entire search system . A cross-site...

CVE-2018-11538

servlet/UserServlet in SearchBlox 8.6.6 has CSRF via the uname, upasswd1, upasswd2, role, and X-XSRF-TOKEN POST parameters because of CSRF Token Bypass...