Description
Cross Site Request Forgery (CSRF) vulnerability in NASA Open MCT (aka openmct) through 3.1.0 allows attackers to view sensitive information via the flexibleLayout plugin.
Remediation
References
https://www.linkedin.com/pulse/xss-nasas-open-mct-v302-visionspace-technologies-ubg4f
Related Vulnerabilities
CVE-2022-25848 Vulnerability in npm package static-dev-server
CVE-2020-28459 Vulnerability in npm package markdown-it-decorate
CVE-2017-16154 Vulnerability in npm package earlybird
CVE-2020-24807 Vulnerability in npm package socket.io-file
CVE-2021-21391 Vulnerability in npm package @ckeditor/ckeditor5-paste-from-office