Lucene search
Veracode Vulnerability DatabaseVERACODE:34471HistoryMar 01, 2022 - 7:34 a.m.
Cross-Site Request Forgery (CSRF)
2022-03-0107:34:39
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
26
0.001 Low
EPSS
Percentile
49.3%
codeigniter4/framework is vulnerable to cross-site request forgery. When auto-routing is enabled, the library checks the request method in the controller method before processing. When auto-routing is disabled, avoid using $routes->add() and instead use HTTP verbs in routes, allowing an attacker to bypass the CSRF protection mechanism.
| CPE | Name | Operator | Version |
|---|---|---|---|
| codeigniter4/framework | le | v4.1.8 | |
| codeigniter4/framework | le | v4.1.8 |
Related
cvelist
cvelist
osv
osv
Cross-Site Request Forgery (CSRF) Protection Bypass Vulnerability in CodeIgniter4
2022-03-01 21:47:28
BIT-codeigniter-2022-24712
2024-03-06 10:53:58
CVE-2022-24712
2022-02-28 16:15:08
prion
prion
Cross site request forgery (csrf)
2022-02-28 16:15:00
friendsofphp
friendsofphp
cve
cve
CVE-2022-24712
2022-02-28 16:15:08
nvd
nvd
CVE-2022-24712
2022-02-28 16:15:08
github
github