The cross-site request forgery token in the request may be predictable or easily guessable allowing attackers to craft a malicious request, which could be triggered by a victim unknowingly. In a successful CSRF attack, the attacker could lead the victim user to carry out an action unintentionally.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: icscert
Published: 2024-02-06T21:16:48.926Z
Updated: 2024-08-02T17:46:56.268Z
Reserved: 2023-10-12T20:21:27.767Z
Link: CVE-2023-38579
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2024-02-06T22:16:12.910
Modified: 2024-02-13T21:56:17.013
Link: CVE-2023-38579
Redhat
No data.