A Cross-Site Request Forgery (CSRF) vulnerability discovered in BlogEngine.Net v3.3.8.0 allows unauthenticated attackers to read arbitrary files on the hosting web server.
CPE | Name | Operator | Version |
---|---|---|---|
blogengine.net | eq | 3.3.5.0 | |
blogengine.net | eq | 3.3.7.0 | |
blogengine.net | eq | 3.3.6.0 | |
blogengine.net | eq | 3.3.8.0 |