| Título | birkir prime <=0.4.0 CSRF |
|---|
| Descripción | In the latest version of Prime (v0.4.0), its GraphQL enables the client to make query requests based on the GET method by default. This would allow attackers to exploit this vulnerability to launch CSRF attacks against privileged users.
|
|---|
| Fuente | ⚠️ https://github.com/birkir/prime/issues/547 |
|---|
| Usuario | ZAST.AI (UID 87884) |
|---|
| Sumisión | 2026-01-04 14:48 (hace 5 meses) |
|---|
| Moderación | 2026-01-19 08:15 (15 days later) |
|---|
| Estado | Aceptado |
|---|
| Entrada de VulDB | 341763 [birkir prime hasta 0.4.0.beta.0 falsificación de solicitudes en sitios cruzados] |
|---|
| Puntos | 16 |
|---|