Headline
CVE-2022-3267
Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.6.
Related news
GHSA-74j6-3hh4-w3f5: rdiffweb Cross-Site Request Forgery vulnerability
rdiffweb prior to 2.4.6 is vulnerable to cross-site request forgery on the repository settings. A malicious user can change the settings of a repository by sending a URL to the victim. This issue is fixed in version 2.4.6.