Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Piranha CMS - Site-wide Cross-Site Request Forgery (CSRF)
Vulnerability Description
In PiranhaCMS, versions 4.0.0-alpha1 to 9.2.0 are vulnerable to cross-site request forgery (CSRF) when performing various actions supported by the management system, such as deleting a user, deleting a role, editing a post, deleting a media folder etc., when an ID is known.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
PiranhaCms 跨站请求伪造漏洞
Vulnerability Description
PiranhaCms是一个用作 .Net5 的友好的以编辑器为中心的 Cms。用于集成 Cms 或无头 Api。 PiranhaCMS 4.0.0-alpha1版本到 9.2.0版本存在跨站请求伪造漏洞,该漏洞源于软件在执行管理系统支持的各种操作时,如删除用户、删除角色、编辑帖子、删除媒体文件夹等,缺少针对跨站请求伪造的检查校验。
CVSS Information
N/A
Vulnerability Type
N/A