First published: Fri Jun 10 2022(Updated: )
A Cross Site Request Forgery (CSRF) vulnerability exists in TheDayLightStudio Fuel CMS 1.5.0 via a POST call to /fuel/sitevariables/delete/4.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
TheDayLightStudio Fuel CMS | =1.5.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-44117 is a Cross Site Request Forgery (CSRF) vulnerability in TheDayLightStudio Fuel CMS 1.5.0.
CVE-2021-44117 affects TheDayLightStudio Fuel CMS 1.5.0.
CVE-2021-44117 has a severity rating of 8.8 (High).
CVE-2021-44117 can be exploited by making a POST call to /fuel/sitevariables/delete/4.
Yes, there are references available for CVE-2021-44117. You can find them at the following URLs: [https://github.com/warmachine-57/CVE-2021-44117/blob/main/CSRF%20in%20FuelCMS](https://github.com/warmachine-57/CVE-2021-44117/blob/main/CSRF%20in%20FuelCMS) and [https://www.getfuelcms.com/](https://www.getfuelcms.com/).