This affects all versions of package sqlite-web. The SQL dashboard area allows sensitive actions to be performed without validating that the request originated from the application. This could enable an malicious user to trick a user into performing these actions unknowingly through a Cross Site Request Forgery (CSRF) attack.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sqlite-web project sqlite-web - |