CVE-2018-19335 is a vulnerability in Google Monorail
Published on November 20, 2018
Google Monorail before 2018-06-07 has a Cross-Site Search (XS-Search) vulnerability because CSV downloads are affected by CSRF, and calculations of download times (for requests with a crafted groupby value) can be used to obtain sensitive information about the content of bug reports.
Products Associated with CVE-2018-19335
Want to know whenever a new CVE is published for Google Monorail? stack.watch will email you.
Exploit Probability
EPSS
0.11%
Percentile
28.62%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.