Security Advisory

CVE-2021-23404

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-09-08 10:50:10

Last updated 2024-09-16 18:29:23

Assigner snyk

State PUBLISHED

Description

This affects all versions of package sqlite-web. The SQL dashboard area allows sensitive actions to be performed without validating that the request originated from the application. This could enable an attacker to trick a user into performing these actions unknowingly through a Cross Site Request Forgery (CSRF) attack.

← Browse all CVEs View on cve.org ↗