← Back

Jasperreports Server Community Project

jasperreports_server_community_project

Vendor: Jasperforge • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2011-1911
1Jasperforge
1Jasperreports Server Community Project
Apr 29, 2026
Sep 20, 2011
N/A· v4
N/A· v3
6.8 MEDIUM· v2
JasperServer in JasperReports Server Community Project 3.7.0 and 3.7.1 uses a predictable _flowExecutionKey parameter, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via a...Show more
JasperServer in JasperReports Server Community Project 3.7.0 and 3.7.1 uses a predictable _flowExecutionKey parameter, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via a brute-force approach.Show less