2 matches found
GHSA-6WQP-7G94-F69J sensiolabs/connect has a Cross-Site Request Forgery Vulnerability
Versions of sensiolabs/connect prior to 4.2.3 are affected by a Cross-Site Request Forgery CSRF vulnerability due to the absence of the state parameter in OAuth requests. The lack of proper state parameter handling exposes applications to CSRF attacks during the OAuth authentication flow...
sensiolabs/connect has a Cross-Site Request Forgery Vulnerability
Versions of sensiolabs/connect prior to 4.2.3 are affected by a Cross-Site Request Forgery CSRF vulnerability due to the absence of the state parameter in OAuth requests. The lack of proper state parameter handling exposes applications to CSRF attacks during the OAuth authentication flow...