CVE-2023-34927

Posted on by admin

CVE-2023-34927

Casdoor v1.331.0 and below was discovered to contain a Cross-Site Request Forgery (CSRF) in the endpoint /api/set-password. This vulnerability allows attackers to arbitrarily change the victim user’s password via supplying a crafted URL.

Source: CVE-2023-34927

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다