org.hswebframework.web:hsweb-system-oauth2-client-web@3.0.1 vulnerabilities
-
latest version
3.0.11
-
latest non vulnerable version
-
first published
6 years ago
-
latest version published
4 years ago
-
licenses detected
- [3.0.0,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.hswebframework.web:hsweb-system-oauth2-client-web package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
org.hswebframework.web:hsweb-system-oauth2-client-web is a basic project for quickly setting up an enterprise back-end management system. Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF) due to a lack of a comparison between the state parameter in the request and the state parameter in the session after user authentication is successful. How to fix Cross-site Request Forgery (CSRF)? Upgrade |
[,3.0.5)
|