Google

Monorail

3 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2018-19335

Exploit
  • EPSS 0.11%
  • Published 20.11.2018 09:29:04
  • Last modified 21.11.2024 03:57:45

Google Monorail before 2018-06-07 has a Cross-Site Search (XS-Search) vulnerability because CSV downloads are affected by CSRF, and calculations of download times (for requests with a crafted groupby value) can be used to obtain sensitive information...

5.3

CVE-2018-19334

Exploit
  • EPSS 0.11%
  • Published 20.11.2018 09:29:03
  • Last modified 21.11.2024 03:57:44

Google Monorail before 2018-05-04 has a Cross-Site Search (XS-Search) vulnerability because CSV downloads are affected by CSRF, and calculations of download times (for requests with an unsupported axis) can be used to obtain sensitive information abo...

5.3

CVE-2018-10099

Exploit
  • EPSS 0.11%
  • Published 20.11.2018 09:29:02
  • Last modified 21.11.2024 03:40:49

Google Monorail before 2018-04-04 has a Cross-Site Search (XS-Search) vulnerability because CSV downloads are affected by CSRF, and calculations of download times (for requests with duplicated columns) can be used to obtain sensitive information abou...