Jeremy Benoist

5 exploits Active since Feb 2023
CVE-2023-0610 WRITEUP MEDIUM WRITEUP
Wallabag < 2.5.3 - Improper Authorization
Improper Authorization in GitHub repository wallabag/wallabag prior to 2.5.3.
CVSS 4.3
CVE-2023-0734 WRITEUP MEDIUM WRITEUP
Wallabag < 2.5.4 - Improper Authorization
Improper Authorization in GitHub repository wallabag/wallabag prior to 2.5.4.
CVSS 5.3
CVE-2023-0735 WRITEUP MEDIUM WRITEUP
Wallabag < 2.5.4 - CSRF
Cross-Site Request Forgery (CSRF) in GitHub repository wallabag/wallabag prior to 2.5.4.
CVSS 6.5
CVE-2023-0736 WRITEUP MEDIUM WRITEUP
Wallabag < 2.5.4 - XSS
Cross-site Scripting (XSS) - Stored in GitHub repository wallabag/wallabag prior to 2.5.4.
CVSS 5.4
CVE-2023-0737 WRITEUP MEDIUM WRITEUP
Wallabag < 2.5.4 - CSRF
wallabag version 2.5.2 contains a Cross-Site Request Forgery (CSRF) vulnerability that allows attackers to arbitrarily delete user accounts via the /account/delete endpoint. This issue is fixed in version 2.5.4.
CVSS 6.5