JasperReports Server '_flowExecutionKey' Parameter Cross Site Request Forgery Vulnerability

Bugtraq ID: 49649
Class: Design Error
CVE: CVE-2011-1911
Remote: Yes
Local: No
Published: Sep 15 2011 12:00AM
Updated: Sep 15 2011 12:00AM
Credit: Michael Orlando
Vulnerable: JasperSoft Corporation JasperReports Server 3.7.1
JasperSoft Corporation JasperReports Server 3.7
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus