Lucene search
K

5 matches found

OSV
OSV
added 2026/05/28 8:43 a.m.8 views

BIT-JUPYTERHUB-2026-40864 JupyterHub: Cross-origin form POSTs bypass XSRF

JupyterHub is software that allows users to create a multi-user server for Jupyter notebooks. In versions 4.1.0 through 5.4.4, XSRF protection updated in 4.1.0 inappropriately treated requests with Sec-Fetch-Mode: no-cors as same-origin requests, bypassing XSRF checks. The JSON API is not affecte...

5.4CVSS5.8AI score0.00159EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/05/25 12:0 a.m.15 views

Linux Distros Unpatched Vulnerability : CVE-2026-40864

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - JupyterHub is software that allows users to create a multi-user server for Jupyter notebooks. In versions 4.1.0 through 5.4.4, XSRF protection updated in 4.1.0...

5.4CVSS5.5AI score0.00159EPSS
Exploits1References3
OSV
OSV
added 2026/05/22 9:16 p.m.8 views

DEBIAN-CVE-2026-40864

JupyterHub is software that allows users to create a multi-user server for Jupyter notebooks. In versions 4.1.0 through 5.4.4, XSRF protection updated in 4.1.0 inappropriately treated requests with Sec-Fetch-Mode: no-cors as same-origin requests, bypassing XSRF checks. The JSON API is not affecte...

4.3CVSS5.8AI score0.00159EPSS
Exploits1References1
NVD
NVD
added 2018/07/27 6:29 p.m.35 views

CVE-2017-2653

A number of unused delete routes are present in CloudForms before 5.7.2.1 which can be accessed via GET requests instead of just POST requests. This could allow an attacker to bypass the protectfromforgery XSRF protection causing the routes to be used. This attack would require additional...

6.5CVSS4.8AI score0.01387EPSS
Exploits0References3
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.101 views

Pligg 9.9.5 - CSRF Protection Bypass and Captcha Bypass

No description provided by source. Written By Michael Brooks Special thanks to str0ke! Pligg - XSRF Protection Bypass and Captcha Bypass affects 9.9.5 XSRF Protection Bypass html !-- Remove this iframe from this file and place it on a site that you want to force people to vote for. Change these...

7.1AI score
Exploits0
Rows per page
Query Builder