21 Sep 2016
CVE-2016-6801 Vulnerability
Cross-site request forgery (CSRF) vulnerability in the CSRF content-type check in Jackrabbit-Webdav in Apache Jackrabbit 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.3, 2.10.x before 2.10.4, 2.12.x before 2.12.4, and 2.13.x before 2.13.3 allows remote attackers to hijack the authentication of unspecified victims for requests that create a resource via an HTTP POST request with a (1) missing or (2) crafted Content-Type header. (CVSS:6.8) (Last Update:2016-10-04)
Vulnerability Details : Cross-site request forgery (CSRF) vulnerability in the CSRF content-type check in Jackrabbit-Webdav in Apache Jackrabbit 2.4.x before 2.4.6, 2.6.x before 2.6.6, 2.8.x before 2.8.3, 2.10.x before 2.10.4, 2.12.x before 2.12.4, and 2.13.x before 2.13.3 allows remote attackers to hijack the authentication of unspecified victims for requests that create a resource via an HTTP POST request with a (1) missing or (2) crafted Content-Type header. Publish Date : 2016-09-21 Last Update Date : 2016-10-04 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2016-6801- Number Of Affected Versions By Product
- References For CVE-2016-6801
| |||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2016-6801There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |