Candidate: CVE-2016-0720
PublicDate: 2017-04-21 15:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0720
 https://github.com/feist/pcs/commit/3360ecd318f7631bf5826d99a20bf4b29d86dc9c (0.9.149)
 https://github.com/feist/pcs/commit/d49435de20f71bd0816c42b445ed484dd21fbe96 (0.9.149)
 https://github.com/feist/pcs/commit/b9e7f061788c3b86a0c67d2d4158f067ec5eb625 (0.9.149)
Description:
 Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs
 before 0.9.149.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H [8.8 HIGH]

Patches_pcs:
upstream_pcs: released (0.9.149-1)
precise_pcs: DNE
trusty_pcs: DNE
trusty/esm_pcs: DNE
vivid/stable-phone-overlay_pcs: DNE
vivid/ubuntu-core_pcs: DNE
wily_pcs: DNE
xenial_pcs: not-affected (0.9.149-1)
devel_pcs: not-affected