GMS-2021-139: Cross-Site Request Forgery (CSRF)

April 22, 2021 (updated October 8, 2021)

Cross-Site Request Forgery (CSRF) in com.vaadin:flow-client.

References

github.com/advisories/GHSA-6hgr-2g6q-3rmc
github.com/vaadin/flow/security/advisories/GHSA-6hgr-2g6q-3rmc

Detect and mitigate GMS-2021-139 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →