CVE-2018-20595



A CSRF issue was discovered in web/authorization/oauth2/controller/OAuth2ClientController.java in hsweb 3.0.4 because the state parameter in the request is not compared with the state parameter in the session after user authentication is successful.

Don't forget to share

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *