Описание
Duplicate Advisory: Wallabag user can delete own API client unintentionally
Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-gjvc-55fw-v6vq. This link is maintained to preserve external references.
Original Description
Cross-Site Request Forgery (CSRF) in GitHub repository wallabag/wallabag prior to 2.6.3.
Пакеты
Наименование
wallabag/wallabag
composer
Затронутые версииВерсия исправления
>= 2.0.0-alpha.1, <= 2.6.2
2.6.3
6.5 Medium
CVSS3
Дефекты
CWE-352
6.5 Medium
CVSS3
Дефекты
CWE-352