Vulnerabilities > Hsweb

DATE	CVE	VULNERABILITY TITLE	RISK
2018-12-30	CVE-2018-20595	Cross-Site Request Forgery (CSRF) vulnerability in Hsweb 3.0.4 A CSRF issue was discovered in web/authorization/oauth2/controller/OAuth2ClientController.java in hsweb 3.0.4 because the state parameter in the request is not compared with the state parameter in the session after user authentication is successful. network low complexity hsweb CWE-352	8.8
2018-12-30	CVE-2018-20594	Cross-site Scripting vulnerability in Hsweb 3.0.4 An issue was discovered in hsweb 3.0.4. network low complexity hsweb CWE-79	6.1

Vulnerabilities > Hsweb {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Hsweb"}]}