CVE-2023-0735: Cross-Site Request Forgery (CSRF)

February 7, 2023 (updated February 15, 2023)

Cross-Site Request Forgery (CSRF) in GitHub repository wallabag/wallabag prior to 2.5.4.

References

github.com/advisories/GHSA-2qxp-xmx6-cq4f
github.com/wallabag/wallabag/commit/268372dbbdd7ef87b84617fdebf95d0a86caf7dc
huntr.dev/bounties/8bc78cb1-b10b-4152-842e-ceb999fc5508
nvd.nist.gov/vuln/detail/CVE-2023-0735

Code Behaviors & Features

Detect and mitigate CVE-2023-0735 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →