Dotnetfoundation - Piranha Cms CVE

Filtered by vendor Dotnetfoundation Subscribe

Filtered by product Piranha Cms

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-25976	1 Dotnetfoundation	1 Piranha Cms	2021-11-17	4.0 MEDIUM	8.1 HIGH
In PiranhaCMS, versions 4.0.0-alpha1 to 9.2.0 are vulnerable to cross-site request forgery (CSRF) when performing various actions supported by the management system, such as deleting a user, deleting a role, editing a post, deleting a media folder etc., when an ID is known.

Vulnerabilities (CVE)