CVE-2023-48912: CSRF
First published: Thu Nov 30 2023(Updated: )
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/archives/edit.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| iteachyou Dreamer CMS | =4.1.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-48912?
CVE-2023-48912 is a vulnerability in Dreamer CMS v4.1.3 that allows for Cross-Site Request Forgery (CSRF) attacks.
How does the CSRF vulnerability in Dreamer CMS v4.1.3 work?
The vulnerability in Dreamer CMS v4.1.3 allows an attacker to trick authenticated users into performing unwanted actions on the application.
What is the severity of CVE-2023-48912?
The severity of CVE-2023-48912 is rated as high (8.8).
How can I fix the CSRF vulnerability in Dreamer CMS v4.1.3?
To fix the CSRF vulnerability, it is recommended to apply a patch or upgrade to the latest version of Dreamer CMS.
Where can I find more information about CVE-2023-48912?
More information about CVE-2023-48912 can be found at the following link: [Link](https://github.com/Tiamat-ron/cms/blob/main/There%20is%20a%20csrf%20in%20the%20article%20management%20modification%20section.md).
- agent/type
- agent/event
- agent/first-publish-date
- agent/author
- agent/references
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/weakness
- agent/tags
- agent/softwarecombine
- collector/nvd-api
- agent/software-canonical-lookup-request
- vendor/iteachyou
- canonical/iteachyou dreamer cms
- version/iteachyou dreamer cms/4.1.3