PT-2020-14634 · Polarion · Polarion Subversion Webclient

Published: 2020-09-09 · Updated: 2020-09-14 · CVE-2020-15789

CVSS v2.0: 5.8 (Medium)

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions

Polarion Subversion Webclient (All versions)

Description

A Cross-Site Request Forgery (CSRF) attack is possible through the web interface if a user is tricked into accessing a malicious link. The attack requires user interaction by an authenticated user, potentially allowing an attacker to trigger actions via the web interface, including reading or modifying web application contents.

Recommendations

For all versions, consider implementing CSRF protection mechanisms, such as token-based validation, to prevent unauthorized actions. As a temporary workaround, restrict access to sensitive areas of the web interface to minimize the risk of exploitation.

Fix

CSRF

Weakness Enumeration

Related Identifiers

CVE-2020-15789

Affected Products

Polarion Subversion Webclient