Filtered by vendor Sqlite-web Project
Subscriptions
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-23404 | 1 Sqlite-web Project | 1 Sqlite-web | 2024-11-21 | 7.6 High |
This affects all versions of package sqlite-web. The SQL dashboard area allows sensitive actions to be performed without validating that the request originated from the application. This could enable an attacker to trick a user into performing these actions unknowingly through a Cross Site Request Forgery (CSRF) attack. |
Page 1 of 1.