PT-2023-23921 · Unknown · Ts Webfonts For Sakura

Published: 2023-07-21 · Updated: 2023-08-07 · CVE-2023-32625

CVSS v3.1: 4.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions: TS Webfonts for SAKURA versions 3.1.2 and earlier
Description: A cross-site request forgery (CSRF) issue allows a remote unauthenticated attacker to hijack the authentication of a user and change settings by having the user view a malicious page.
Recommendations: For versions 3.1.2 and earlier, consider implementing anti-CSRF measures, such as token-based validation, to prevent unauthorized changes to settings. As a temporary workaround, restrict access to sensitive settings until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.

Fix

CSRF

Weakness Enumeration

Related Identifiers: CVE-2023-32625

Affected Products: Ts Webfonts For Sakura