CVE-2020-25262

Cross-Site Request Forgery (CSRF) in packagist/pyrocms/pyrocms

Identifiers

CVE-2020-25262

Package Slug

packagist/pyrocms/pyrocms

Vulnerability

Cross-Site Request Forgery (CSRF)

Description

PyroCMS is vulnerable to cross-site request forgery (CSRF) via the admin/pages/delete/ URI: pages will be deleted.

Affected Versions

Version 3.7

Solution

Upgrade to version 3.7.1 or above.

Last Modified

2020-10-21

source