Cross-Site Request Forgery (CSRF)

2021-09-0901:04:15

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.001 Low

EPSS

Percentile

46.8%

JSON

sqlite_web is vulnerable to cross-site request forgery. The vulnerability exists due to the lack of sanitization of input via the SQL dashboard area via the main() function.

CPENameOperatorVersion
sqlite-weble0.4.1
sqlite-weble0.4.1

CPE	Name	Operator	Version
	sqlite-web	le	0.4.1
	sqlite-web	le	0.4.1

References

github.com/coleifer/sqlite-web/blob/2e7c85da3d37f80074ed3ae39b5851069b4f301c/sqlite_web/__main__.py%23L1

0.001 Low

EPSS

Percentile

46.8%

JSON

Related for VERACODE:32020