2 matches found
CVE-2024-28680
DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /dede/diyadd.php...
CVE-2024-28680
DedeCMS v5.7 contains a CSRF vulnerability in the /dede/diy_add.php endpoint. The issue enables cross-site request forgery, potentially allowing an attacker to perform state-changing actions on behalf of an authenticated user. The available sources consistently identify DedeCMS v5.7 as affected; ...