BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
CVE-2012-6493 - Nexpose Security Console - Cross-Site Request Forgery (CSRF) Jan 03 2013 09:00PM
i (at) amroot (dot) com [email concealed] (i amroot com)
Product: Nexpose Security Console
Vendor: Rapid7
Version: < 5.5.3
Tested Version: 5.5.1
Vendor Notified Date: December 19, 2012
Release Date: January 2, 2013
Risk: High
Authentication: None required
Remote: Yes

Description:
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Nexpose
Secu...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus