
{
"id": "CVE-2023-34927",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-06-22T13:15:10.383",
"lastModified": "2023-06-22T14:49:18.643",
"vulnStatus": "Awaiting Analysis",
"descriptions": [
{
"lang": "en",
"value": "Casdoor v1.331.0 and below was discovered to contain a Cross-Site Request Forgery (CSRF) in the endpoint /api/set-password. This vulnerability allows attackers to arbitrarily change the victim user's password via supplying a crafted URL."
}
],
"metrics": {},
"references": [
{
"url": "https://casdoor.org/",
"source": "cve@mitre.org"
},
{
"url": "https://gist.github.com/omriman067/4e90a3a4ffa40984f011d8777a995469",
"source": "cve@mitre.org"
},
{
"url": "https://github.com/casdoor/casdoor/issues/1531",
"source": "cve@mitre.org"
}
]
}