| Title | birkir prime <=0.4.0 CSRF |
|---|
| Description | In the latest version of Prime (v0.4.0), its GraphQL enables the client to make query requests based on the GET method by default. This would allow attackers to exploit this vulnerability to launch CSRF attacks against privileged users.
|
|---|
| Source | ⚠️ https://github.com/birkir/prime/issues/547 |
|---|
| User | ZAST.AI (UID 87884) |
|---|
| Submission | 01/04/2026 14:48 (5 months ago) |
|---|
| Moderation | 01/19/2026 08:15 (15 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 341763 [birkir prime up to 0.4.0.beta.0 cross-site request forgery] |
|---|
| Points | 16 |
|---|