CSRF Protection Bypass in Open Build Service (OBS) Web Interface

CSRF Protection Bypass in Open Build Service (OBS) Web Interface

CVE-2014-0594 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

In the Open Build Service (OBS) before version 2.4.6 the CSRF protection is incorrectly disabled in the web interface, allowing for requests without the user's consent.

Learn more about our Web App Pen Testing.