Cross-Site Request Forgery (CSRF) vulnerability in SwiftyEdit Content Management System prior to v1.2.0, allows remote attackers to escalate privileges via the user password update functionality.
References
Configurations
History
24 Jan 2024, 08:15
Type | Values Removed | Values Added |
---|---|---|
Summary | Cross-Site Request Forgery (CSRF) vulnerability in SwiftyEdit Content Management System prior to v1.2.0, allows remote attackers to escalate privileges via the user password update functionality. | |
References |
|
29 Nov 2023, 02:25
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/SwiftyEdit/SwiftyEdit/commit/90a6f3df16cd1578b2827d7b2e073451f7ce4e47 - Patch | |
First Time |
Swiftyedit swiftyedit
Swiftyedit |
|
CWE | CWE-352 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
CPE | cpe:2.3:a:swiftyedit:swiftyedit:*:*:*:*:*:*:*:* |
22 Nov 2023, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-11-22 16:15
Updated : 2024-02-28 20:54
NVD link : CVE-2023-47350
Mitre link : CVE-2023-47350
CVE.ORG link : CVE-2023-47350
JSON object : View
Products Affected
swiftyedit
- swiftyedit
CWE
CWE-352
Cross-Site Request Forgery (CSRF)