Codedx is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability exists due to not performing several permission checks at http endpoints which allows an attacker with read permission to connect to a specific URL.
CPE | Name | Operator | Version |
---|---|---|---|
code dx plugin | le | 3.1.0 | |
code dx plugin | le | 3.1.0 |