3 matches found
CVE-2023-4455 Cross-Site Request Forgery (CSRF) in wallabag/wallabag
Cross-Site Request Forgery CSRF in GitHub repository wallabag/wallabag prior to 2.6.3...
CVE-2023-4455 Cross-Site Request Forgery (CSRF) in wallabag/wallabag
Cross-Site Request Forgery CSRF in GitHub repository wallabag/wallabag prior to 2.6.3...
CVE-2023-4455
Cross-Site Request Forgery (CSRF) in wallabag/wallabag prior to 2.6.3. Public sources describe an attacker‑facing flaw in the delete API flow (DeveloperController.php) where CSRF validation is insufficient, enabling arbitrary API key deletion via a crafted GET to /developer/client/delete/{id}. CV...