Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown
CVE-2011-1911
Disclosure Date: September 20, 2011 (last updated October 04, 2023)
JasperServer in JasperReports Server Community Project 3.7.0 and 3.7.1 uses a predictable _flowExecutionKey parameter, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via a brute-force approach.
0
