4 matches found
GHSA-5PM7-CP8F-P2C2 wallabag/wallabag Has Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities
Impact wallabag versions prior to 2.6.11 were discovered to contain multiple Cross-Site Request Forgery CSRF vulnerabilities across several endpoints. An attacker could craft a malicious link or page that, if visited by a logged-in wallabag user, could trick the user's browser into performing...
CVE-2023-0737
wallabag version 2.5.2 contains a Cross-Site Request Forgery CSRF vulnerability that allows attackers to arbitrarily delete user accounts via the /account/delete endpoint. This issue is fixed in version 2.5.4...
CVE-2023-0737
wallabag version 2.5.2 contains a Cross-Site Request Forgery CSRF vulnerability that allows attackers to arbitrarily delete user accounts via the /account/delete endpoint. This issue is fixed in version 2.5.4...
CVE-2023-0737 CSRF in wallabag/wallabag
wallabag version 2.5.2 contains a Cross-Site Request Forgery CSRF vulnerability that allows attackers to arbitrarily delete user accounts via the /account/delete endpoint. This issue is fixed in version 2.5.4...