Skip to main content

Hsweb

2 CVEs product

Monthly

CVE-2018-20595 Maven HIGH POC PATCH This Week

A CSRF issue was discovered in web/authorization/oauth2/controller/OAuth2ClientController.java in hsweb 3.0.4 because the state parameter in the request is not compared with the state parameter in. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Java CSRF Hsweb
NVD GitHub
CVSS 3.0
8.8
EPSS
0.6%
CVE-2018-20594 Maven MEDIUM POC PATCH This Month

An issue was discovered in hsweb 3.0.4. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Hsweb
NVD GitHub
CVSS 3.0
6.1
EPSS
0.9%
EPSS 1% CVSS 8.8
HIGH POC PATCH This Week

A CSRF issue was discovered in web/authorization/oauth2/controller/OAuth2ClientController.java in hsweb 3.0.4 because the state parameter in the request is not compared with the state parameter in. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Java CSRF Hsweb
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM POC PATCH This Month

An issue was discovered in hsweb 3.0.4. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Hsweb
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy