4 matches found
CVE-2024-28671
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /dede/stepselectmain.php...
CVE-2024-28671
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /dede/stepselectmain.php...
CVE-2024-28671
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /dede/stepselectmain.php...
CVE-2024-28671
CVE-2024-28671 affects DedeCMS v5.7 with a CSRF vulnerability exploitable via /dede/stepselect_main.php. Root cause: cross-site request forgery leading to unauthorized state-changing actions. CVSSv3.1 base score 8.8 (HIGH) with Network attack vector, low attack complexity, no privileges required ...