Hawtio versions up to and including 1.5.3 are vulnerable to CSRF vulnerability allowing remote attackers to trick the user to visit their website containing a malicious script which can be submitted to hawtio server on behalf of the user.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| io.hawt:project(Maven) | 0 | 1.5.4 | N/A |
CVSS Metrics
