Filtered by vendor Csrf-magic Project
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-7464 | 1 Csrf-magic Project | 1 Csrf-magic | 2024-11-21 | N/A |
| In csrf-magic before 1.0.4, if $GLOBALS['csrf']['secret'] is not configured, the Anti-CSRF Token used is predictable and would permit an attacker to bypass the CSRF protections, because an automatically generated secret is not used. | ||||
Page 1 of 1.