9 matches found
GHSA-5F56-H6FG-RCRH Cross-Site Request Forgery in JFinalCMS via /admin/category/updateStatus
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/category/updateStatus...
CVE-2023-49397
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/category/updateStatus...
CVE-2023-49397
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/category/updateStatus...
CVE-2023-49397
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/category/updateStatus...
Cross site request forgery (csrf)
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/category/updateStatus...
PT-2023-31203 · Jfinalcms · Jfinalcms
Name of the Vulnerable Software and Affected Versions: JFinalCMS version 5.0.0 Description: A Cross-Site Request Forgery CSRF issue was found in JFinalCMS. The vulnerability can be exploited via the "/admin/category/updateStatus" API endpoint. Recommendations: For JFinalCMS version 5.0.0, as a...
CVE-2023-49397
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/category/updateStatus...
CVE-2023-49397
JFinalCMS v5.0.0 contains a CSRF vulnerability exploitable via the /admin/category/updateStatus endpoint. Root cause: Cross-Site Request Forgery on a sensitive admin action. Impact is described as high (CVSS v3.1: 8.8; Confidentiality, Integrity, Availability all High). Exploitation details are n...
JFinalCMS Security Vulnerability
JFinalCMS is a content management system developed by heyewei. A security vulnerability exists in JFinalCMS v5.0.0, which originates from a cross-site request forgery vulnerability in the /admin/category/updateStatus component...