CVE-2013-3513
GroundWork Monitor Enterprise 6.7.0 - Cross-Site Request Forgery in Noma Component
Title source: llmDescription
Multiple cross-site request forgery (CSRF) vulnerabilities in the Noma component in GroundWork Monitor Enterprise 6.7.0 allow remote attackers to hijack the authentication of unspecified victims for requests that (1) store XSS sequences or (2) delete entries.
References (3)
Core 3
Core References
Various Sources x_refsource_misc
https://kb.groundworkopensource.com/display/SUPPORT/SA6.7.0-1+Some+web+components+allow+bypass+of+role+access+controls
Various Sources x_refsource_misc
https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20130308-1_GroundWork_Monitoring_Multiple_high_risk_vulnerabilities_part2_wo_poc_v10.txt
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/345260
Scores
EPSS
0.0072
EPSS Percentile
49.5%
Details
CWE
CWE-352
Status
published
Products (1)
gwos/groundwork_monitor
6.7.0
Published
May 08, 2013
Tracked Since
Feb 18, 2026