CVE-2021-25976

Cross-Site Request Forgery (CSRF) in nuget/Piranha

Identifiers

CVE-2021-25976

Package Slug

nuget/Piranha

Vulnerability

Cross-Site Request Forgery (CSRF)

Description

PiranhaCMS is vulnerable to cross-site request forgery (CSRF) when performing various actions supported by the management system, such as deleting a user, deleting a role, editing a post, deleting a media folder etc., when an ID is known.

Affected Versions

All versions starting from 4.0.0 up to 9.2

Solution

Unfortunately, there is no solution available yet.

Last Modified

2021-11-18

source