Red Hat Security Advisory 2013-0733-01 - JBoss Enterprise Portal Platform is the open source implementation of the Java EE suite of services and Portal services running atop JBoss Enterprise Application Platform. It comprises a set of offerings for enterprise customers who are looking for pre-configured profiles of JBoss Enterprise Middleware components that have been tested and certified together to provide an integrated experience. Multiple Cross-Site Request Forgery flaws were found in the GateIn Portal. If a remote attacker could trick a logged in user into visiting an attacker-controlled URL, the attacker could perform actions with the privileges of the logged in user.
2da1df32470c1f69190f3f15c14a728a5c78c199c123a3388a73a3f5cf59f222