GHSA-q4q2-fvwf-6ghv
Suggest an improvement- Source
- https://github.com/advisories/GHSA-q4q2-fvwf-6ghv
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-q4q2-fvwf-6ghv/GHSA-q4q2-fvwf-6ghv.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/GHSA-q4q2-fvwf-6ghv
- Aliases
- Published
- 2022-05-13T01:36:16Z
- Modified
- 2023-11-01T04:48:19.200614Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- Cross-Site Request Forgery in hawtio
- Details
-
It was found that hawtio contains a CSRF flaw that allows unrelated websites to perform actions as the authenticated user. Attackers could use this vulnerability to trick the user to visit his website that contains a malicious script which can be submitted to hawtio server on behalf of the user.
- Database specific
{ "nvd_published_at": "2017-08-17T19:29:00Z", "github_reviewed_at": "2022-11-04T18:41:35Z", "severity": "HIGH", "github_reviewed": true, "cwe_ids": [ "CWE-352" ] }- References
Affected packages
Maven / io.hawt:project
Package
- Name
- io.hawt:project
- View open source insights on deps.dev
- Purl
- pkg:maven/io.hawt/project
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1.5.4
Affected versions
1.*
1.0
1.1
1.2-M1
1.2-M2
1.2-M3
1.2-M4
1.2-M5
1.2-M6
1.2-M7
1.2-M8
1.2-M9
1.2-M10
1.2-M11
1.2-M13
1.2-M14
1.2-M16
1.2-M19
1.2-M20
1.2-M22
1.2-M23
1.2-M24
1.2-M25
1.2-M26
1.2-M27
1.2.0
1.2.1
1.2.2
1.2.3
1.3.0
1.3.1
1.4.0
1.4.1
1.4.2
1.4.4
1.4.5
1.4.6
1.4.7
1.4.8
1.4.9
1.4.10
1.4.11
1.4.12
1.4.14
1.4.15
1.4.16
1.4.17
1.4.18
1.4.19
1.4.20
1.4.21
1.4.22
1.4.23
1.4.24
1.4.25
1.4.26
1.4.27
1.4.28
1.4.29
1.4.30
1.4.31
1.4.32
1.4.33
1.4.34
1.4.35
1.4.36
1.4.37
1.4.38
1.4.39
1.4.40
1.4.41
1.4.42
1.4.43
1.4.44
1.4.45
1.4.46
1.4.47
1.4.48
1.4.49
1.4.50
1.4.51
1.4.52
1.4.53
1.4.54
1.4.55
1.4.56
1.4.57
1.4.58
1.4.59
1.4.60
1.4.61
1.4.62
1.4.63
1.4.64
1.4.65
1.4.66
1.4.67
1.4.68
1.5.0
1.5.X
1.5.1
1.5.2
1.5.3