Vulnerabilities > Rapid7 > Nexpose > 6.5.50
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-21 | CVE-2019-5638 | Insufficient Session Expiration vulnerability in Rapid7 Nexpose Rapid7 Nexpose versions 6.5.50 and prior suffer from insufficient session expiration when an administrator performs a security relevant edit on an existing, logged on user. | 8.8 |
| 2019-07-03 | CVE-2019-5630 | Cross-Site Request Forgery (CSRF) vulnerability in Rapid7 Nexpose A Cross-Site Request Forgery (CSRF) vulnerability was found in Rapid7 Nexpose InsightVM Security Console versions 6.5.0 through 6.5.68. | 6.8 |