Vulnerabilities > CVE-2023-0737 - Unspecified vulnerability in Wallabag 2.5.2
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
HIGH Availability impact
NONE Summary
wallabag version 2.5.2 contains a Cross-Site Request Forgery (CSRF) vulnerability that allows attackers to arbitrarily delete user accounts via the /account/delete endpoint. This issue is fixed in version 2.5.4.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |