Lucene search
Veracode Vulnerability DatabaseVERACODE:47164HistoryMay 24, 2024 - 7:45 a.m.
Cross-site Request Forgery (CSRF)
2024-05-2407:45:56
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
2
sensiolabs
oauth
csrf
vulnerability
authentication
7.3 High
AI Score
Confidence
High
Sensiolabs/connect is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability is due to the absence of a state parameter in OAuth requests, which exposes applications to CSRF attacks during the OAuth authentication flow.
7.3 High
AI Score
Confidence
High