Ferdi · Ferdi · CVE-2022-32320
**Name of the Vulnerable Software and Affected Versions**
Ferdi versions through 5.8.1
Ferdium versions through 6.0.0-nightly.98
**Description**
A Cross-Site Request Forgery (CSRF) issue allows attackers to read files via an uploaded file, such as a settings or preferences file.
**Recommendations**
For Ferdi versions through 5.8.1, update to a version later than 5.8.1 to resolve the issue.
For Ferdium versions through 6.0.0-nightly.98, update to a version later than 6.0.0-nightly.98 to resolve the issue.
As a temporary workaround, consider restricting the upload of files to minimize the risk of exploitation.