CVE-2022-3232

Name of the Vulnerable Software and Affected Versions rdiffweb versions prior to 2.4.5

Description The issue is related to Cross-Site Request Forgery (CSRF) in the GitHub repository ikus060/rdiffweb. An attacker exploiting this vulnerability can use it to delete repositories and users.

Recommendations For versions prior to 2.4.5, update to version 2.4.5 or later to resolve the issue. As a temporary workaround, consider implementing additional validation for requests to prevent unauthorized actions. Restrict access to sensitive operations, such as repository and user deletion, to minimize the risk of exploitation.