PT-2021-15495 · Unknown · Sqlite-Web
Yadhu Krishna M · Published 2021-09-08 · Updated 2021-09-14
CVE-2021-23404 · CVSS v3.1: 7.6 (High)
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
sqlite-web, all versions
Description
The SQL dashboard accepts requests that perform sensitive actions (such as executing SQL statements against the database) without verifying that the request originated from the application itself: nothing in the request proves it was sent from the dashboard's own pages rather than from a third-party site. Because a browser attaches the dashboard's session cookie to any request it sends to that host, an attacker who lures a logged-in user onto a page they control can have that page submit a form to the dashboard, and the dashboard executes it with the user's privileges. This is a Cross-Site Request Forgery (CSRF); it requires user interaction (UI:R in the vector) but no prior access for the attacker.
Recommendations
For all versions, validate that state-changing requests to the SQL dashboard originate from the application: issue a random per-session anti-CSRF token, embed it in the dashboard's forms, and reject any request whose token is missing or does not match the session's token (compare in constant time). Checking the Origin (or, when absent, Referer) header against the application's own origin and setting the session cookie with the SameSite attribute are useful additional layers, but the token check is the primary control. As a temporary workaround, restrict network access to the SQL dashboard (for example by binding it to localhost or placing it behind an access-controlled reverse proxy); note that this only reduces exposure, since a browser on a machine that can reach the dashboard can still be lured into sending the forged request.
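The vulnerable pattern from the description, placed beside the request validation the recommendation calls for, as an added example in Python (sqlite-web's implementation language). This is illustration code written for this page, not sqlite-web's own code: the route `/query`, the form field `sql`, the dashboard origin `http://127.0.0.1:8080`, the attacker page and the `notes` table are all assumptions constructed for the demo, and the handlers take a parsed request (headers, form) and a server-side session dict instead of a web framework's request object so that the block runs offline.

```python
"""Anti-CSRF validation for a state-changing SQL dashboard endpoint.
Added illustration: route, field names, origin and attacker page are assumed,
not taken from sqlite-web's source."""
import hmac
import secrets
import sqlite3
from urllib.parse import urlsplit

APP_ORIGIN = "http://127.0.0.1:8080"  # assumed origin the dashboard is served from
CSRF_FIELD = "csrf_token"

# Constructed attacker page: a cross-site form that submits itself when the victim's
# browser loads it; the browser attaches the dashboard's session cookie automatically.
ATTACKER_PAGE = """
<form id="f" action="http://127.0.0.1:8080/query" method="POST">
  <input type="hidden" name="sql" value="DROP TABLE notes">
</form>
<script>document.getElementById("f").submit();</script>
"""


def new_db():
    """In-memory database standing in for the SQLite file behind the dashboard."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE notes (id INTEGER PRIMARY KEY, body TEXT)")
    db.execute("INSERT INTO notes (body) VALUES ('keep me')")
    return db


def table_exists(db, name):
    row = db.execute("SELECT 1 FROM sqlite_master WHERE type='table' AND name=?",
                     (name,)).fetchone()
    return row is not None


def issue_csrf_token(session):
    """Bind a random token to the server-side session; the app embeds it in its forms."""
    if CSRF_FIELD not in session:
        session[CSRF_FIELD] = secrets.token_urlsafe(32)
    return session[CSRF_FIELD]


def origin_ok(headers):
    """Accept only requests whose Origin (or, failing that, Referer) is the app itself."""
    origin = headers.get("Origin")
    if origin is None:
        referer = headers.get("Referer")
        if referer is None:
            return False  # cannot tell where the request came from: fail closed
        parts = urlsplit(referer)
        origin = f"{parts.scheme}://{parts.netloc}"
    return origin == APP_ORIGIN


def token_ok(form, session):
    """Constant-time comparison of the submitted token with the session's token."""
    expected = session.get(CSRF_FIELD)
    supplied = form.get(CSRF_FIELD)
    if not expected or not supplied:
        return False
    return hmac.compare_digest(expected.encode(), supplied.encode())


def query_unprotected(headers, form, session, db):
    """Vulnerable pattern: the session cookie alone is taken as proof of the user's intent."""
    db.execute(form["sql"])
    return "executed"


def query_protected(headers, form, session, db):
    """Hardened pattern: origin check plus per-session anti-CSRF token before executing."""
    if not origin_ok(headers):
        return "rejected: origin"
    if not token_ok(form, session):
        return "rejected: token"
    db.execute(form["sql"])
    return "executed"


def forged_request():
    """What the victim's browser sends after loading ATTACKER_PAGE: foreign origin, no token."""
    return {"Origin": "https://attacker.example"}, {"sql": "DROP TABLE notes"}


def legit_request(session):
    """A request from the dashboard's own form, carrying the session's token."""
    return {"Origin": APP_ORIGIN}, {"sql": "INSERT INTO notes (body) VALUES ('mine')",
                                    CSRF_FIELD: session[CSRF_FIELD]}


def demo():
    results = {}
    # Vulnerable handler: the forged request drops the table.
    session, db = {}, new_db()
    query_unprotected(*forged_request(), session, db)
    results["unprotected_table_survives"] = table_exists(db, "notes")
    # Hardened handler: the forgery is rejected, the user's own request still works.
    session, db = {}, new_db()
    issue_csrf_token(session)  # done when the dashboard page is rendered
    results["protected_forged"] = query_protected(*forged_request(), session, db)
    results["protected_table_survives"] = table_exists(db, "notes")
    results["protected_legit"] = query_protected(*legit_request(session), session, db)
    results["rows_after_legit"] = db.execute("SELECT COUNT(*) FROM notes").fetchone()[0]
    return results
```

The only difference between the two handlers is the two checks at the top of `query_protected`; the forged request fails the origin check first, and a request that somehow carries the right origin (for example from a subdomain the attacker controls on a misconfigured deployment) still fails on the missing token, which is why the token, not the header check, is the control to rely on.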
Affected Products
Sqlite-Web