wallabag/wallabag is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability exists in the `deleteClientAction` function of `DeveloperController.php` as it does not properly validate the CSRF token, which allows an attacker to arbitrarily delete the API key by sending a GET request to the `client/delete/{id}` endpoint.Read More
Cross-Site Request Forgery (CSRF)
