Lucene search
HistoryAug 21, 2023 - 10:15 a.m.
CVE-2023-4455
cve-2023-4455
csrf
github
repository
wallabag
nvd
vulnerability
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
0.0005 Low
EPSS
Percentile
18.0%
Cross-Site Request Forgery (CSRF) in GitHub repository wallabag/wallabag prior to 2.6.3.
Affected configurations
Node
wallabagwallabagRange<2.6.3
| CPE | Name | Operator | Version |
|---|---|---|---|
| wallabag:wallabag | wallabag | lt | 2.6.3 |
CNA Affected
[
{
"vendor": "wallabag",
"product": "wallabag/wallabag",
"versions": [
{
"version": "unspecified",
"lessThan": "2.6.3",
"status": "affected",
"versionType": "custom"
}
]
}
]Related
prion
prion
Cross site request forgery (csrf)
2023-08-21 10:15:00
osv
osv
Wallabag user can delete own API client unintentionally
2023-08-21 20:28:03
CVE-2023-4455
2023-08-21 10:15:10
cvelist
cvelist
CVE-2023-4455 Cross-Site Request Forgery (CSRF) in wallabag/wallabag
2023-08-21 09:27:12
veracode
veracode
Cross-Site Request Forgery (CSRF)
2023-08-22 04:11:26
nvd
nvd
CVE-2023-4455
2023-08-21 10:15:10
huntr
huntr
CSRF leading to delete Client API in API clients management
2023-03-31 17:00:24
github
github
Wallabag user can delete own API client unintentionally
2023-08-21 20:28:03
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
0.0005 Low
EPSS
Percentile
18.0%
Related for CVE-2023-4455