RSS   Vulnerabilities for
'Jasperreports server community project'
   RSS

2011-09-20
 
CVE-2011-1911

 

 
JasperServer in JasperReports Server Community Project 3.7.0 and 3.7.1 uses a predictable _flowExecutionKey parameter, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via a brute-force approach.

 


Copyright 2024, cxsecurity.com

 

Back to Top