mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 10:41:43 +00:00
18 lines
738 B
Markdown
18 lines
738 B
Markdown
![]() |
### [CVE-2023-46699](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46699)
|
||
|

|
||
|

|
||
|
&color=brighgreen)
|
||
|
|
||
|
### Description
|
||
|
|
||
|
Cross-site request forgery (CSRF) vulnerability exists in the User settings (/me) page of GROWI versions prior to v6.0.0. If a user views a malicious page while logging in, settings may be changed without the user's intention.
|
||
|
|
||
|
### POC
|
||
|
|
||
|
#### Reference
|
||
|
No PoCs from references.
|
||
|
|
||
|
#### Github
|
||
|
- https://github.com/a-zara-n/a-zara-n
|
||
|
|