CVE-2023-38759

CVE-2023-38759 describes a Cross-Site Request Forgery (CSRF) vulnerability in the wger Project, Workout Manager version 2.2.0a3. The issue enables a remote attacker to gain privileges via the user-management features, affecting multiple components/files (e.g., gym.py, reset_user_password.html, ov...