CSRF Vulnerability in WSO2 Carbon 4.4.5 Allows Remote Server Shutdown

CSRF Vulnerability in WSO2 Carbon 4.4.5 Allows Remote Server Shutdown

CVE-2016-4315 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:N/A:P

Cross-site request forgery (CSRF) vulnerability in WSO2 Carbon 4.4.5 allows remote attackers to hijack the authentication of privileged users for requests that shutdown a server via a shutdown action to server-admin/proxy_ajaxprocessor.jsp.

Learn more about our Cis Benchmark Audit For Server Software.