2 matches found
CVE-2023-45902
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/attachment/delete...
CVE-2023-45902
CVE-2023-45902: Dreamer CMS v4.1.3 contains a Cross-Site Request Forgery (CSRF) in the /admin/attachment/delete component. The issue is documented across multiple feeds, with the root cause described as unauthorized requests on behalf of a user via that endpoint. CVSS 3.1 data indicates high impa...