Vulnerabilities > Casbin > Casdoor > 1.97.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-22 | CVE-2023-34927 | Cross-Site Request Forgery (CSRF) vulnerability in Casbin Casdoor Casdoor v1.331.0 and below was discovered to contain a Cross-Site Request Forgery (CSRF) in the endpoint /api/set-password. | 6.5 |
| 2022-09-09 | CVE-2022-38638 | Path Traversal vulnerability in Casbin Casdoor 1.97.3 Casdoor v1.97.3 was discovered to contain an arbitrary file write vulnerability via the fullFilePath parameter at /api/upload-resource. | 9.1 |