RSS   Podatności dla 'Sqlite-web'   RSS

2021-09-08
 
CVE-2021-23404

CWE-352
 

 
This affects all versions of package sqlite-web. The SQL dashboard area allows sensitive actions to be performed without validating that the request originated from the application. This could enable an attacker to trick a user into performing these actions unknowingly through a Cross Site Request Forgery (CSRF) attack.

 


Copyright 2021, cxsecurity.com

 

Back to Top