What the vulnerability does

01Description

Hawtio versions up to and including 1.5.3 are vulnerable to CSRF vulnerability allowing remote attackers to trick the user to visit their website containing a malicious script which can be submitted to hawtio server on behalf of the user.

Key dates

02Disclosure timeline

August 17, 2017 CVE published
August 5, 2024 Record updated