FUEL CMS 1.4.13 contains a cross-site request forgery (CSRF) vulnerability #579

leerina · 2021-07-02T02:35:59Z

FUEL CMS 1.4.13 contains a cross-site request forgery (CSRF) vulnerability that can delete a Permission via a post ID to /permissions/delete/2

POC：

The page:

daylightstudio pushed a commit that referenced this issue Jul 2, 2021

fix: for issue #578 and #579

5bebe56

daylightstudio closed this as completed Jul 2, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

FUEL CMS 1.4.13 contains a cross-site request forgery (CSRF) vulnerability #579

FUEL CMS 1.4.13 contains a cross-site request forgery (CSRF) vulnerability #579

leerina commented Jul 2, 2021 •

edited

Loading

FUEL CMS 1.4.13 contains a cross-site request forgery (CSRF) vulnerability #579

FUEL CMS 1.4.13 contains a cross-site request forgery (CSRF) vulnerability #579

Comments

leerina commented Jul 2, 2021 • edited Loading

leerina commented Jul 2, 2021 •

edited

Loading