Posted on

Open Web Analytics up to 1.5.5 CSRF Protection owa_user_id cross site request forgery

A vulnerability, which was classified as critical, has been found in Open Web Analytics up to 1.5.5. Affected by this issue is some unknown functionality of the component CSRF Protection. Upgrading to version 1.5.6 eliminates this vulnerability. A possible mitigation has been published before and not just after the disclosure of the vulnerability.