3 matches found
CVE-2023-4454 Cross-Site Request Forgery (CSRF) in wallabag/wallabag
Cross-Site Request Forgery CSRF in GitHub repository wallabag/wallabag prior to 2.6.3...
CVE-2023-4454 Cross-Site Request Forgery (CSRF) in wallabag/wallabag
Cross-Site Request Forgery CSRF in GitHub repository wallabag/wallabag prior to 2.6.3...
CVE-2023-4454
The CVE-2023-4454 entry concerns wallabag/wallabag prior to version 2.6.3. The vulnerability is a Cross-Site Request Forgery (CSRF) in the ConfigController.php reset actions, caused by missing CSRF protection. This could allow an attacker to trigger GET requests to /reset/annotations, /reset/entr...