CSRF Vulnerability in SearchBlox 8.6.6 UserServlet
CVE-2018-11538 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
servlet/UserServlet in SearchBlox 8.6.6 has CSRF via the u_name, u_passwd1, u_passwd2, role, and X-XSRF-TOKEN POST parameters because of CSRF Token Bypass.
Learn more about our User Device Pen Test.