Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:47164
HistoryMay 24, 2024 - 7:45 a.m.

Cross-site Request Forgery (CSRF)

2024-05-2407:45:56
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
2
sensiolabs
oauth
csrf
vulnerability
authentication

7.3 High

AI Score

Confidence

High

Sensiolabs/connect is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability is due to the absence of a state parameter in OAuth requests, which exposes applications to CSRF attacks during the OAuth authentication flow.

7.3 High

AI Score

Confidence

High