Description

Cross-site request forgery (CSRF) vulnerability in Jolokia before 1.2.1 allows remote attackers to hijack the authentication of users for requests that execute MBeans methods via a crafted web page.

Remediation

References

CVE-2014-0168

Related Vulnerabilities

MongoDb Resource Management Errors Vulnerability (CVE-2013-3969)

WordPress Plugin WP Print Friendly Cross-Site Scripting (0.6)

WordPress Plugin Ninja Popups Multiple Vulnerabilities (4.5.3)

WordPress Plugin Flickr Justified Gallery Cross-Site Scripting (3.3.6)

WordPress Plugin File Manager Arbitrary File Upload (6.8)

Severity

Medium

Classification

CVE-2014-0168 CWE-352

Tags

Missing Update Known Vulnerabilities