VYPR
High severity8.8NVD Advisory· Published Sep 13, 2017· Updated Jun 17, 2026

CVE-2016-8737

CVE-2016-8737

Description

In Apache Brooklyn before 0.10.0, the REST server is vulnerable to cross-site request forgery (CSRF), which could permit a malicious web site to produce a link which, if clicked whilst a user is logged in to Brooklyn, would cause the server to execute the attacker's commands as the user. There is known to be a proof-of-concept exploit using this vulnerability.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
org.apache.brooklyn:brooklyn-rest-resourcesMaven
< 0.10.00.10.0
org.apache.brooklyn:brooklyn-jsguiMaven
< 0.10.00.10.0

Affected products

4

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.