0.001 Low
EPSS
Percentile
21.8%
cfme-gemset is vulnerable to cross-site request forgery (CSRF). Lack of authenticity verification of requests in the API notifications allows an attacker to submit requests on behalf of an authenticated user.
access.redhat.com/documentation/en-us/red_hat_cloudforms/5.0/html/release_notes
access.redhat.com/errata/RHSA-2020:4134
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1871921