Description
CSRF exists in the Auth0 authentication service through 14591 if the Legacy Lock API flag is enabled.
Remediation
References
http://www.securityfocus.com/bid/103695
https://auth0.com/docs/security/bulletins/cve-2018-6874
Related Vulnerabilities
CVE-2016-0760 Vulnerability in maven package org.apache.sentry:sentry-binding-hive
CVE-2018-12536 Vulnerability in maven package org.eclipse.jetty:jetty-util
CVE-2016-10535 Vulnerability in npm package csrf-lite
CVE-2022-41928 Vulnerability in maven package org.xwiki.platform:xwiki-platform-attachment-ui
CVE-2017-16026 Vulnerability in maven package org.webjars:request