Cross-Site Request Forgery (CSRF) in GitHub repository prefecthq/prefect prior to 2.16.5.
References
Configurations
History
21 Nov 2024, 08:42
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/prefecthq/prefect/commit/227dfcc7e3374c212a4bcd68b14e090b1c02d9d3 - | |
References | () https://huntr.com/bounties/dab47d99-551c-4355-9ab1-c99cb90235af - Exploit |
15 May 2024, 11:15
Type | Values Removed | Values Added |
---|---|---|
Summary | (en) Cross-Site Request Forgery (CSRF) in GitHub repository prefecthq/prefect prior to 2.16.5. | |
References |
|
30 Nov 2023, 13:15
Type | Values Removed | Values Added |
---|---|---|
Summary | An attacker is able to steal secrets and potentially gain remote code execution via CSRF using the open source Prefect web server's API. | |
CWE | CWE-352 |
24 Nov 2023, 23:05
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-11-16 17:15
Updated : 2024-11-21 08:42
NVD link : CVE-2023-6022
Mitre link : CVE-2023-6022
CVE.ORG link : CVE-2023-6022
JSON object : View
Products Affected
prefect
- prefect
CWE
CWE-352
Cross-Site Request Forgery (CSRF)