{
  "id": "CVE-2023-52431",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2024-02-13T05:15:08.797",
  "lastModified": "2024-02-13T14:01:07.747",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "The Plack::Middleware::XSRFBlock package before 0.0.19 for Perl allows attackers to bypass a CSRF protection mechanism via an empty form value and an empty cookie (if signed cookies are disabled)."
    },
    {
      "lang": "es",
      "value": "El paquete Plack::Middleware::XSRFBlock anterior a 0.0.19 para Perl permite a los atacantes eludir un mecanismo de protecci\u00f3n CSRF mediante un valor de formulario vac\u00edo y una cookie vac\u00eda (si las cookies firmadas est\u00e1n deshabilitadas)."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://github.com/briandfoy/cpan-security-advisory/blob/9374f98bef51e1ae887f293234050551c079776f/cpansa/CPANSA-Plack-Middleware-XSRFBlock.yml#L2-L15",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://metacpan.org/release/DAKKAR/Plack-Middleware-XSRFBlock-0.0.19/source/Changes",
      "source": "cve@mitre.org"
    }
  ]
}