CSRF Protection Bypass in HTML_Quickform Library

CSRF Protection Bypass in HTML_Quickform Library

CVE-2015-7364 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

The HTML_Quickform library, as used in Revive Adserver before 3.2.2, allows remote attackers to bypass the CSRF protection mechanism via an empty token.

Learn more about our Cis Benchmark Audit For Server Software.