Actions in the admin preset tool did not include the necessary token to prevent a CSRF risk.
{ "nvd_published_at": "2024-05-31T20:15:10Z", "cwe_ids": [ "CWE-352" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2024-06-04T15:54:04Z" }