CVE-2024-29499

Name of the Vulnerable Software and Affected Versions Anchor CMS version 0.12.7

Description A Cross-Site Request Forgery (CSRF) issue was discovered in Anchor CMS. The issue is related to the "/anchor/admin/users/delete/2" API endpoint. This allows for potentially unauthorized actions to be performed on the system.

Recommendations For Anchor CMS version 0.12.7, as a temporary workaround, consider restricting access to the "/anchor/admin/users/delete/2" API endpoint until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.