Description

Cross-site request forgery (CSRF) vulnerability in Jolokia before 1.2.1 allows remote attackers to hijack the authentication of users for requests that execute MBeans methods via a crafted web page.

Remediation

References

CVE-2014-0168

Related Vulnerabilities

WordPress Plugin PWAMP PHP Object Injection (1.0.0)

Oracle JRE CVE-2014-2410 Vulnerability (CVE-2014-2410)

WordPress Plugin amtyThumb Cross-Site Scripting (4.1.2)

Microsoft SQL Server Other Vulnerability (CVE-2000-0402)

WordPress Plugin ActiveCampaign-Forms, Site Tracking, Live Chat Cross-Site Request Forgery (8.0.1)

Severity

Medium

Classification

CVE-2014-0168 CWE-352

Tags

Missing Update Known Vulnerabilities