CVE-2024-22859: Cross-Site Request Forgery (CSRF)

February 1, 2024

Cross-Site Request Forgery (CSRF) vulnerability in livewire before v3.0.4, allows remote attackers to execute arbitrary code getCsrfToken function.

References

github.com/advisories/GHSA-2cjh-75gp-34gc
github.com/livewire/livewire/commit/5d887316f2aaf83c0e380ac5e72766f19700fa3b
nvd.nist.gov/vuln/detail/CVE-2024-22859

Code Behaviors & Features

Detect and mitigate CVE-2024-22859 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →