Lucene search
Veracode Vulnerability DatabaseVERACODE:38660HistoryDec 27, 2022 - 5:05 a.m.
Cross Site Request Forgery (CSRF)
2022-12-2705:05:18
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
cross site request forgery
validation
session management
sensitive information
rdiffweb
EPSS
0.001
Percentile
30.1%
rdiffweb is vulnerable to cross site request forgery. The vulnerability exists in run function of auth_form.py due to lack of validation of session management which allows an attacker to gain access to sensitive information in the system.
Related
osv
osv
CVE-2022-4646
2022-12-22 02:15:08
rdiffweb vulnerable to Cross-Site Request Forgery
2022-12-22 03:30:18
PYSEC-2022-43004
2022-12-22 02:15:00
cvelist
cvelist
CVE-2022-4646 Cross-Site Request Forgery (CSRF) in ikus060/rdiffweb
2022-12-22 00:00:00
github
github
rdiffweb vulnerable to Cross-Site Request Forgery
2022-12-22 03:30:18
cve
cve
CVE-2022-4646
2022-12-22 02:15:08
prion
prion
Cross site request forgery (csrf)
2022-12-22 02:15:00
huntr
huntr
Lack of CSRF Token in Logout
2022-12-05 06:41:25
nvd
nvd
CVE-2022-4646
2022-12-22 02:15:08