Cross-Site Request Forgery (CSRF) vulnerability in SwiftyEdit Content Management System prior to v1.2.0, allows remote attackers to escalate privileges via the user password update functionality.
References
Configurations
History
21 Nov 2024, 08:30
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/SwiftyEdit/SwiftyEdit/commit/90a6f3df16cd1578b2827d7b2e073451f7ce4e47 - Patch | |
References | () https://mechaneus.github.io/CVE-2023-47350.html - |
24 Jan 2024, 08:15
Type | Values Removed | Values Added |
---|---|---|
Summary | Cross-Site Request Forgery (CSRF) vulnerability in SwiftyEdit Content Management System prior to v1.2.0, allows remote attackers to escalate privileges via the user password update functionality. | |
References |
|
29 Nov 2023, 02:25
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
References | () https://github.com/SwiftyEdit/SwiftyEdit/commit/90a6f3df16cd1578b2827d7b2e073451f7ce4e47 - Patch | |
CPE | cpe:2.3:a:swiftyedit:swiftyedit:*:*:*:*:*:*:*:* | |
First Time |
Swiftyedit swiftyedit
Swiftyedit |
|
CWE | CWE-352 |
22 Nov 2023, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-11-22 16:15
Updated : 2024-11-21 08:30
NVD link : CVE-2023-47350
Mitre link : CVE-2023-47350
CVE.ORG link : CVE-2023-47350
JSON object : View
Products Affected
swiftyedit
- swiftyedit
CWE
CWE-352
Cross-Site Request Forgery (CSRF)