2018-06-08 17:00:00
microfocus
PUBLISHED
In the Open Build Service (OBS) before version 2.4.6 the CSRF protection is incorrectly disabled in the web interface, allowing for requests without the users consent.