JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/slide/delete.
References
Link | Resource |
---|---|
https://github.com/li-yu320/cms/blob/main/There%20is%20a%20CSRF%20at%20the%20deletion%20point%20of%20the%20broadcast%20image.md | Exploit Vendor Advisory |
Configurations
History
No history.
Information
Published : 2023-12-05 15:15
Updated : 2023-12-09 04:50
NVD link : CVE-2023-49373
Mitre link : CVE-2023-49373
CVE.ORG link : CVE-2023-49373
JSON object : View
Products Affected
jfinalcms_project
- jfinalcms
CWE
CWE-352
Cross-Site Request Forgery (CSRF)