Security Advisory

CVE-2016-4311

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-02-16 18:00:00

Last updated 2024-08-06 00:25:14

Assigner certcc

State PUBLISHED

Description

Cross-site request forgery (CSRF) vulnerability in the XACML flow feature in WSO2 Identity Server 5.1.0 allows remote attackers to hijack the authentication of privileged users for requests that process XACML requests via an entitlement/eval-policy-submit.jsp request.

← Browse all CVEs View on cve.org ↗