High severity8.8NVD Advisory· Published Jul 1, 2020· Updated Jun 17, 2026
CVE-2020-5900
CVE-2020-5900
Description
In versions 3.0.0-3.4.0, 2.0.0-2.9.0, and 1.0.1, there is insufficient cross-site request forgery (CSRF) protections for the NGINX Controller user interface.
Affected products
1- NGINX/NGINX Controllerdescription
Patches
Vulnerability mechanics
References
1- support.f5.com/csp/article/K31044532nvdVendor Advisory
News mentions
0No linked articles in our index yet.