Lucene search
@huntrdevCVELIST:CVE-2023-4455HistoryAug 21, 2023 - 9:27 a.m.
CVE-2023-4455 Cross-Site Request Forgery (CSRF) in wallabag/wallabag
2023-08-2109:27:12
CWE-352
@huntrdev
www.cve.org
cross-site request forgery
cve-2023-4455
wallabag
github repository
prior version
security vulnerability
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
0.0005 Low
EPSS
Percentile
18.0%
Cross-Site Request Forgery (CSRF) in GitHub repository wallabag/wallabag prior to 2.6.3.
CNA Affected
[
{
"vendor": "wallabag",
"product": "wallabag/wallabag",
"versions": [
{
"version": "unspecified",
"lessThan": "2.6.3",
"status": "affected",
"versionType": "custom"
}
]
}
]Related
prion
prion
Cross site request forgery (csrf)
2023-08-21 10:15:00
osv
osv
Wallabag user can delete own API client unintentionally
2023-08-21 20:28:03
CVE-2023-4455
2023-08-21 10:15:10
veracode
veracode
Cross-Site Request Forgery (CSRF)
2023-08-22 04:11:26
nvd
nvd
CVE-2023-4455
2023-08-21 10:15:10
huntr
huntr
CSRF leading to delete Client API in API clients management
2023-03-31 17:00:24
github
github
Wallabag user can delete own API client unintentionally
2023-08-21 20:28:03
cve
cve
CVE-2023-4455
2023-08-21 10:15:10
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
0.0005 Low
EPSS
Percentile
18.0%
Related for CVELIST:CVE-2023-4455