Vulnerabilities > LQD > Liquid Speech Balloon > 1.1.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-10 | CVE-2023-27889 | Cross-Site Request Forgery (CSRF) vulnerability in LQD Liquid Speech Balloon Cross-site request forgery (CSRF) vulnerability in LIQUID SPEECH BALLOON versions prior to 1.2 allows a remote unauthenticated attacker to hijack the authentication of a user and to perform unintended operations by having a user view a malicious page. | 8.8 |