CVE-2017-7556

Summary

Hawtio versions up to and including 1.5.3 are vulnerable to CSRF vulnerability allowing remote attackers to trick the user to visit their website containing a malicious script which can be submitted to hawtio server on behalf of the user.

Affected Software

VendorProductVersion RangeStatus
Red Hat, Inc.hawtioup to and including 1.5.3affected

Weaknesses

  • CWE-352: CWE-352

ADP Enrichment

CVE Program Container

Additional References

References