CVE-2024-41597
ProcessWire v3.0.229 is vulnerable to Cross-Site Request Forgery via its comments functionality, allowing a remote attacker to execute arbitrary code through a crafted HTML file. The connected PT-Security entry recommends updating to a newer version that includes a fix. No exploit details are pro...