CVE-2014-0594

Summary

In the Open Build Service (OBS) before version 2.4.6 the CSRF protection is incorrectly disabled in the web interface, allowing for requests without the user's consent.

Affected Software

VendorProductVersion RangeStatus
openSUSEOpen Build Serviceunspecified < 2.4.6affected

Weaknesses

  • CWE-352: CWE-352

ADP Enrichment

CVE Program Container

Additional References

References