CVE-2023-0044

Published: 2023-02-23T20:15Z

Last Modified: 2024-11-21T07:36Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

If the Quarkus Form Authentication session cookie Path attribute is set to `/` then a cross-site attack may be initiated which might lead to the Information Disclosure. This attack can be prevented with the Quarkus CSRF Prevention feature. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt