Csrf-magic Project Csrf-magic — known CVE vulnerabilities
Every CVE whose affected-product data names Csrf-magic Project Csrf-magic, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (1)
CVE-2013-7464 — CVSS 8.8 (high): In csrf-magic before 1.0.4, if $GLOBALS['csrf']['secret'] is not configured, the Anti-CSRF Token used is predictable and would permit an…