CVE-2024-7065
Severity:
MEDIUM
Type:
CWE-352
Cross-Site Request Forgery (CSRF)
Publication date:
24/07/2024
Last modified:
24/07/2024
Description
A vulnerability was found in Spina CMS up to 2.18.0. It has been classified as problematic. Affected is an unknown function of the file /admin/pages/. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-272346 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Impact
Base Score 3.x
4.30
Severity 3.x
MEDIUM
Base Score 2.0
5.00
Severity 2.0
MEDIUM