CVE-2020-36623
Pengu (affected component: runApp in src/index.js) has a cross-site request forgery vulnerability that can be exploited remotely. The CVE notes the issue and references a patch named aea66f12b8cdfc3c8c50ad6a9c89d8307e9d0a91 (VDB-216475). No explicit versions, attack vectors beyond remote executio...