CVE-2018-19335

CVE-2018-19335

Google Monorail before 2018-06-07 has a Cross-Site Search (XS-Search) vulnerability because CSV downloads are affected by CSRF, and calculations of download times (for requests with a crafted groupby value) can be used to obtain sensitive information about the content of bug reports.

Source: CVE-2018-19335

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다