CSRF Vulnerability in Knowage (formerly SpagoBI) 6.1.1 via Every Form
CVE-2018-12354 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
Knowage (formerly SpagoBI) 6.1.1 allows CSRF via every form, as demonstrated by a /knowage/restful-services/2.0/analyticalDrivers/ POST request.
Learn more about our Web Application Penetration Testing UK.