Jolokia Cross-Site Request Forgery Vulnerabiity
A vulnerability in the Jolokia agent could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on a targeted system.
The vulnerability is due to improper security restrictions that are imposed by the affected software. An attacker could exploit this vulnerability by persuading a user to access a link that submits malicious input to the targeted system. A successful exploit could allow the attacker to conduct a CSRF attack, which the attacker could use to perform unauthorized actions on the targeted system.
Jolokia has confirmed this vulnerability and released software updates.
Security Impact Rating: High