Multiple cross-site request forgery (CSRF) vulnerabilities in the Noma component in GroundWork Monitor Enterprise 6.7.0 allow remote attackers to hijack the authentication of unspecified victims for requests that (1) store XSS sequences or (2) delete entries.
References
Configurations
History
21 Nov 2024, 01:53
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.kb.cert.org/vuls/id/345260 - US Government Resource | |
References | () https://kb.groundworkopensource.com/display/SUPPORT/SA6.7.0-1+Some+web+components+allow+bypass+of+role+access+controls - | |
References | () https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130308-1_GroundWork_Monitoring_Multiple_high_risk_vulnerabilities_part2_wo_poc_v10.txt - |
Information
Published : 2013-05-08 12:09
Updated : 2024-11-21 01:53
NVD link : CVE-2013-3513
Mitre link : CVE-2013-3513
CVE.ORG link : CVE-2013-3513
JSON object : View
Products Affected
gwos
- groundwork_monitor
CWE
CWE-352
Cross-Site Request Forgery (CSRF)