Description
Cross Site Request Forgery (CSRF) vulnerability in NASA Open MCT (aka openmct) through 3.1.0 allows attackers to view sensitive information via the flexibleLayout plugin.
Remediation
References
https://www.linkedin.com/pulse/xss-nasas-open-mct-v302-visionspace-technologies-ubg4f
Related Vulnerabilities
CVE-2020-35490 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind
CVE-2019-11405 Vulnerability in maven package org.openapitools:openapi-generator-project
CVE-2018-3739 Vulnerability in npm package https-proxy-agent
CVE-2021-21252 Vulnerability in maven package org.webjars.bower:jquery-validation