This affects all versions of package sqlite-web. The SQL dashboard area allows sensitive actions to be performed without validating that the request originated from the application. This could enable an attacker to trick a user into performing these actions unknowingly through a Cross Site Request Forgery (CSRF) attack.
CPE | Name | Operator | Version |
---|---|---|---|
sqlite-web | eq | 0.3.3 | |
sqlite-web | eq | 0.3.0 | |
sqlite-web | eq | 0.1.3 | |
sqlite-web | eq | 0.1.6 | |
sqlite-web | eq | 0.1.1 | |
sqlite-web | eq | 0.1.5 | |
sqlite-web | eq | 0.3.6 | |
sqlite-web | eq | 0.2.2 | |
sqlite-web | eq | 0.4.0 | |
sqlite-web | eq | 0.3.1 |