From 1b8bd27b3cd57ef0d1b4207169b4744b0570dfe0 Mon Sep 17 00:00:00 2001
From: Ozzie Isaacs <ozzie.fernandez.isaacs@googlemail.com>
Date: Sat, 20 Nov 2021 13:53:49 +0100
Subject: [PATCH] Added cve number for csrf bug

---
 SECURITY.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/SECURITY.md b/SECURITY.md
index afaf9b0b..a7113785 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -23,7 +23,7 @@ To receive fixes for security vulnerabilities it is required to always upgrade t
 | V 0.6.13|JavaScript could get executed in the description series, categories or publishers title||
 | V 0.6.13|JavaScript could get executed  in the shelf title||
 | V 0.6.13|Login with the old session cookie after logout. Thanks to @ibarrionuevo||
-| V 0.6.14|CSRF was possible. Thanks to @mik317 and Hagai Wechsler (WhiteSource)  ||
+| V 0.6.14|CSRF was possible. Thanks to @mik317 and Hagai Wechsler (WhiteSource)  |CVE-2021-25965|
 | V 0.6.14|Cross-Site Scripting vulnerability on typeahead inputs. Thanks to @notdodo||