Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
21 Oct 2018
15 Jun 2018
How to fix?
io.vertx:vertx-web to version 3.5.3 or higher.
io.vertx:vertx-web is a HTTP web applications for Vert.x.
Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF). The
CSRFHandler does not assert that the
XSRF Cookie matches the returned
XSRF header/form parameter. This allows replay attacks with previously issued tokens which are not expired yet.