GHSA-RCM2-22F3-PQV3 Firebase vulnerable to CRSF attack

This vulnerability was a potential CSRF attack. When running the Firebase emulator suite, there is an export endpoint that is used normally to export data from running emulators. If a user was running the emulator and navigated to a malicious website with the exploit on a browser that allowed cal...

CVE-2024-4128 CSRF in firebase-tools emulator suite

This vulnerability was a potential CSRF attack. When running the Firebase emulator suite, there is an export endpoint that is used normally to export data from running emulators. If a user was running the emulator and navigated to a malicious website with the exploit on a browser that allowed cal...

CVE-2024-4128

The CVE-2024-4128 issue affects the Firebase tools emulator suite (firebase-tools). A CSRF vulnerability exists via the export endpoint that can allow a malicious website to exfiltrate emulator data when a user with the emulator open visits the site if localhost calls are possible. Affected compo...

PT-2024-29345 · Firebase · Firebase-Tools

Name of the Vulnerable Software and Affected Versions: firebase-tools versions prior to 13.6.0 Description: This issue is related to a potential CSRF attack. When running the Firebase emulator suite, there is an export endpoint used to export data from running emulators. If a user is running the...