CVE-2020-25262

Description

PyroCMS 3.7 is vulnerable to cross-site request forgery (CSRF) via the `admin/pages/delete/` URI: pages will be deleted.

Affected packages (1)

• Packagist/pyrocms/pyrocmsfrom 0, <= 3.7

CVSS scores

References (3)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2020-25262
• PATCHhttps://github.com/pyrocms/pyrocms
• WEBhttps://gist.github.com/farid007/2af454d909fa5a60a07e4e547e99964e