What the vulnerability does

01Description

A flaw was found in Infinispan version 10, where it is possible to perform various actions that could have side effects using GET requests. This flaw allows an attacker to perform a cross-site request forgery (CSRF) attack.

Key dates

02Disclosure timeline

June 2, 2021 CVE published
August 4, 2024 Record updated