Vulnerabilities > Openwebanalytics > Open WEB Analytics > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-20 | CVE-2014-1457 | Cross-Site Request Forgery (CSRF) vulnerability in Openwebanalytics Open web Analytics Open Web Analytics (OWA) before 1.5.6 improperly generates random nonce values, which makes it easier for remote attackers to bypass a CSRF protection mechanism by leveraging knowledge of an OWA user name. | 8.8 |