CVE-2021-23404
pypi/sqlite-web
Cross-Site Request Forgery (CSRF)
This affects all versions of package sqlite-web. The SQL dashboard area allows sensitive actions to be performed without validating that the request originated from the application. This could enable an attacker to trick a user into performing these actions unknowingly through a Cross Site Request Forgery (CSRF) attack.
All versions
Unfortunately, there is no solution available yet.
2021-09-16
source |