2018.05.04

DATE	CVE	VULNERABILITY TITLE	RISK
2018-11-20	CVE-2018-19335	Cross-Site Request Forgery (CSRF) vulnerability in Google Monorail 20180404/20180504 Google Monorail before 2018-06-07 has a Cross-Site Search (XS-Search) vulnerability because CSV downloads are affected by CSRF, and calculations of download times (for requests with a crafted groupby value) can be used to obtain sensitive information about the content of bug reports. network high complexity google CWE-352	5.3