CVE-2023-4455: Cross-Site Request Forgery (CSRF)

August 21, 2023 (updated August 24, 2023)

Cross-Site Request Forgery (CSRF) in GitHub repository wallabag/wallabag prior to 2.6.3.

References

github.com/advisories/GHSA-gjvc-55fw-v6vq
github.com/wallabag/wallabag/commit/ffcc5c9062fcc8cd922d7d6d65edbe5efae96806
github.com/wallabag/wallabag/security/advisories/GHSA-gjvc-55fw-v6vq
huntr.dev/bounties/5ab1b206-5fe8-4737-b275-d705e76f193a/

Code Behaviors & Features

Detect and mitigate CVE-2023-4455 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →