Download
| Alert*
DSA-3679-1 jackrabbit -- jackrabbit
Lukas Reschke discovered that Apache Jackrabbit, an implementation of the Content Repository for Java Technology API, did not correctly check the Content-Type header on HTTP POST requests, enabling Cross-Site Request Forgery attacks by malicious web sites.
|