CSRF in Redhat Jboss_enterprise_portal_platform

CVE-2012-3532

Cross-site request forgery (CSRF) vulnerability in the GateIn Portal component in JBoss Enterprise Portal Platform 5.2.2 and earlier allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

Vulnerability class: CSRF (Cross-Site Request Forgery)

EPSS: 0.001 (34.2th percentile) — read the EPSS interpretation.

Affected products

Redhat Jboss_enterprise_portal_platform — versions 4.3.0, 5.0.0, 5.0.1
N/a — versions n/a

Weakness classification (CWE)

CWE-352 — Cross-Site Request Forgery (CSRF)

References

RHSA-2013:0733 (x_refsource_REDHAT, vendor-advisory, Vendor Advisory)
53005 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
secalert@redhat.com (x_refsource_CONFIRM)
59015 (vdb-entry, x_refsource_BID)