2 matches found
CVE-2022-3274 Cross-Site Request Forgery (CSRF) on user's settings in GitHub repository ikus060/rdiffweb prior to 2.4.6. in ikus060/rdiffweb
Cross-Site Request Forgery CSRF in GitHub repository ikus060/rdiffweb prior to 2.4.7...
CVE-2022-3274
CVE-2022-3274 is a Cross-Site Request Forgery (CSRF) vulnerability affecting the rdiffweb project (GitHub: ikus060/rdiffweb) prior to version 2.4.7. Multiple connected sources describe CSRF exposure that can allow an attacker to change a user's email address/settings. The confirmed remediation is...