High severity8.8OSV Advisory· Published Jul 13, 2018· Updated Jun 17, 2026
CVE-2018-1000206
CVE-2018-1000206
Description
JFrog Artifactory version since 5.11 contains a Cross ite Request Forgery (CSRF) vulnerability in UI rest endpoints that can result in Classic CSRF attack allowing an attacker to perform actions as logged in user. This attack appear to be exploitable via The victim must run maliciously crafted flash component. This vulnerability appears to have been fixed in 6.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: 5.11.0, 6.0.1, 6.0.3
- Range: >=5.11, <6.1
Patches
Vulnerability mechanics
References
3- www.jfrog.com/jira/browse/RTFACT-17004nvdIssue TrackingPatchVendor Advisory
- www.geekboy.ninja/blog/exploiting-json-cross-site-request-forgery-csrf-using-flash/nvdExploitThird Party Advisory
- www.jfrog.com/jira/secure/ReleaseNote.jspanvdRelease NotesVendor Advisory
News mentions
0No linked articles in our index yet.