VYPR
Unrated severityNVD Advisory· Published Nov 16, 2023· Updated Aug 14, 2024

CVE-2023-43275

CVE-2023-43275

Description

Cross-Site Request Forgery (CSRF) vulnerability in DedeCMS v5.7 in 110 backend management interface via /catalog_add.php, allows attackers to create crafted web pages due to a lack of verification of the token value of the submitted form.

Affected products

2
  • Dedecms/Dedecmscpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: =5.7 (build 110)

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.