WSO2.Carbon.AjaxProcessor.CSRF

Description

This indicates an attack attempt to exploit a Cross-Site Request Forgery vulnerability in WSO2 Carbon.
The vulnerability is due to insufficient sanitizing of user-supplied input in the application. An attacker may exploit this to cause the server to perform certain actions in the context of an authorized user's session.

Affected Products

WSO2 Carbon v4.4.5

Impact

Denial of Service: Remote attackers can crash vulnerable systems

Recommended Actions

Apply the most recent upgrade or patch from the vendor:
https://wso2.com/more-downloads/carbon/

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date        Version  Detail
2020-03-12  15.795   Default_action:pass:drop
2020-03-02  15.786