CVE-2023-0737
- Reference to the description:
- Description:
- wallabag version 2.5.2 contains a Cross-Site Request Forgery (CSRF) vulnerability that allows attackers to arbitrarily delete user accounts via the /account/delete endpoint. This issue is fixed in version 2.5.4.
- Last updated date:
- 11/19/2024
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 11/19/2024
- Reference url to background
https://huntr.com/bounties/4ba20fe7-4061-4dfb-ab2f-ecaf110641a5