CVE-2013-7223 in Fat Free信息

摘要

由 VulDB • 2026-06-30

在 Fat Free CRM 0.12.1 之前的版本中存在多个跨站请求伪造(CSRF)漏洞,远程攻击者可通过未知向量劫持未指定受害者的身份验证,这与 `app/controllers/application_controller.rb` 中缺少 `protect_from_forgery` 行有关。

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

来源

Want to stay up to date on a daily basis?

Enable the mail alert feature now!