Skip to main content

Myfaces

1 CVEs product

Monthly

CVE-2021-26296 Maven HIGH POC PATCH This Week

In the default configuration, Apache MyFaces Core versions 2.2.0 to 2.2.13, 2.3.0 to 2.3.7, 2.3-next-M1 to 2.3-next-M4, and 3.0.0-RC1 use cryptographically weak implicit and explicit cross-site. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

CSRF Apache Myfaces Oncommand Insight
NVD
CVSS 3.1
7.5
EPSS
3.0%
EPSS 3% CVSS 7.5
HIGH POC PATCH This Week

In the default configuration, Apache MyFaces Core versions 2.2.0 to 2.2.13, 2.3.0 to 2.3.7, 2.3-next-M1 to 2.3-next-M4, and 3.0.0-RC1 use cryptographically weak implicit and explicit cross-site. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

CSRF Apache Myfaces +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy