CVE-2023-34927
published 2023-06-22CVE-2023-34927: Casdoor v1.331.0 and below was discovered to contain a Cross-Site Request Forgery (CSRF) in the endpoint /api/set-password. This vulnerability allows attackers…
PriorityP342medium6.5CVSS 3.1
AVNACLPRNUIRSUCNIHAN
EXPLOIT
EPSS
3.09%
86.1th percentile
Casdoor v1.331.0 and below was discovered to contain a Cross-Site Request Forgery (CSRF) in the endpoint /api/set-password. This vulnerability allows attackers to arbitrarily change the victim user's password via supplying a crafted URL.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| casbin | casdoor | <= 1.331.0 | — |
| github.com | casdoor_casdoor | 0 – 1.331.0 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
Casdoor Cross-Site Request Forgery vulnerability
ghsa·2023-06-22
CVE-2023-34927 [MEDIUM] CWE-352 Casdoor Cross-Site Request Forgery vulnerability
Casdoor Cross-Site Request Forgery vulnerability
Casdoor v1.331.0 and below was discovered to contain a Cross-Site Request Forgery (CSRF) in the endpoint `/api/set-password`. This vulnerability allows attackers to arbitrarily change the victim user's password via supplying a crafted URL.
OSV
Casdoor Cross-Site Request Forgery vulnerability
osv·2023-06-22
CVE-2023-34927 [MEDIUM] Casdoor Cross-Site Request Forgery vulnerability
Casdoor Cross-Site Request Forgery vulnerability
Casdoor v1.331.0 and below was discovered to contain a Cross-Site Request Forgery (CSRF) in the endpoint `/api/set-password`. This vulnerability allows attackers to arbitrarily change the victim user's password via supplying a crafted URL.
No detection rules found.
Exploit-DB
Casdoor 2.95.0 - Cross-Site Request Forgery (CSRF)
exploitdb·2025-10-29·CVSS 6.5
CVE-2023-34927 [MEDIUM] Casdoor 2.95.0 - Cross-Site Request Forgery (CSRF)
Casdoor 2.95.0 - Cross-Site Request Forgery (CSRF)
---
# Exploit Title: Casdoor 2.95.0 - Cross-Site Request Forgery (CSRF)
# Application: Casdoor
# Version: v2.95.0 (2025-10-22)
# Date: 2025-10-23
# Exploit Author: Van Lam Nguyen
# Vendor Homepage: https://casdoor.org/
# Software Link: https://github.com/casdoor/casdoor/archive/refs/tags/v2.95.0.zip
# Tested on: Windows
# CVE : CVE-2023-34927 ( latest yet to be assigned)
Overview
Casdoor v2.95.0 and below was discovered to contain a Cross-Site Request Forgery (CSRF) in the endpoint /api/set-password.
This vulnerability allows attackers to arbitrarily change the victim user's password via supplying a crafted URL.
Proof of Concept
Made an unauthorized request to /api/set-password that bypassed the old password entry authentication step
Exploit-DB
Casdoor 2.55.0 - Cross-Site Request Forgery (CSRF)
exploitdb·2025-09-16·CVSS 6.5
CVE-2023-34927 [MEDIUM] Casdoor 2.55.0 - Cross-Site Request Forgery (CSRF)
Casdoor 2.55.0 - Cross-Site Request Forgery (CSRF)
---
# Exploit Title: Casdoor 2.55.0 - Cross-Site Request Forgery (CSRF)
# Application: Casdoor
# Version: 2.55.0
# Date: 09/10/2025
# Exploit Author: Van Lam Nguyen
# Facebook: vanlam1412
# Vendor Homepage: https://casdoor.org/
# Software Link: https://github.com/casdoor/casdoor/archive/refs/tags/v2.55.0.zip
# Tested on: Windows
# CVE : CVE-2023-34927 ( latest yet to be assigned)
Overview
Casdoor v2.55.0 and below was discovered to contain a Cross-Site Request Forgery (CSRF) in the endpoint /api/set-password.
This vulnerability allows attackers to arbitrarily change the victim user's password via supplying a crafted URL.
Proof of Concept
Made an unauthorized request to /api/set-password that bypassed the old password entry authenticat
Exploit-DB
Casdoor < v1.331.0 - '/api/set-password' CSRF
exploitdb·2024-04-02·CVSS 6.5
CVE-2023-34927 [MEDIUM] Casdoor < v1.331.0 - '/api/set-password' CSRF
Casdoor
history.pushState('', '', '/');
document.forms[0].submit();
If a user is logged into the Casdoor Webapp at time of execution, a new user will be created in the app with the following credentials
userOwner: built-in
userName: admin
newPassword: hacked
No writeups or analysis indexed.
2023-06-22
Published