CVE-2023-2307: Cross-Site Request Forgery (CSRF)
(updated )
Cross-Site Request Forgery (CSRF) in GitHub repository builderio/qwik prior to 0.104.0.
References
- github.com/BuilderIO/qwik/commit/f434d335277418f5bd8dd90fae5cb089e1230cb8
- github.com/BuilderIO/qwik/pull/3862/commits/09190b70027354baf7ad3d208df9c05a87f75f57
- github.com/BuilderIO/qwik/releases/tag/v0.104.0
- github.com/advisories/GHSA-c54w-7j5f-xg98
- huntr.dev/bounties/204ea12e-9e5c-4166-bf0e-fd49c8836917
- nvd.nist.gov/vuln/detail/CVE-2023-2307
Code Behaviors & Features
Detect and mitigate CVE-2023-2307 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →