Cross-Site Request Forgery (CSRF) in nuget/Piranha
Cross-Site Request Forgery (CSRF)
PiranhaCMS is vulnerable to cross-site request forgery (CSRF) when performing various actions supported by the management system, such as deleting a user, deleting a role, editing a post, deleting a media folder etc., when an ID is known.
All versions starting from 4.0.0 up to 9.2
Unfortunately, there is no solution available yet.