PT-2022-12513 · Mblog · Mblog
Published
2022-01-19
·
Updated
2022-01-25
·
CVE-2021-46028
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
mblog versions prior to 3.5.0
Description
The issue concerns a CSRF vulnerability in the background article management. An attacker can construct a malicious link that, when clicked by an administrator, results in the deletion of an article.
Recommendations
For versions prior to 3.5.0, update to version 3.5.0 or later to resolve the issue.
Exploit
Fix
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mblog