CVE-2017-5264 (nexpose)

Posted on 2017년 12월 15일2017년 12월 28일 by admin

Versions of Nexpose prior to 6.4.66 fail to adequately validate the source of HTTP requests intended for the Automated Actions administrative web application, and are susceptible to a cross-site request forgery (CSRF) attack.

Source: CVE-2017-5264 (nexpose)

답글 남기기 응답 취소