Description
The console in Togglz before 2.9.4 allows CSRF.
Remediation
References
https://github.com/advisories/GHSA-697v-pxg3-j262
https://github.com/togglz/togglz/commit/ed66e3f584de954297ebaf98ea4a235286784707
https://github.com/togglz/togglz/pull/495