A flaw was found in Infinispan version 10, where it is possible to perform various actions that could have side effects using GET requests. This flaw allows an attacker to perform a cross-site request forgery (CSRF) attack.
CPE | Name | Operator | Version |
---|---|---|---|
infinispan-server-rest | eq | 10.0.0 | |
data_grid | eq | 8.0 |