Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-33359)

Description

Piwigo 13.6.0 is vulnerable to Cross Site Request Forgery (CSRF) in the "add tags" function.

Remediation

References

Related Vulnerabilities

Moodle Improper Check for Unusual or Exceptional Conditions Vulnerability (CVE-2024-43435)

Chamilo Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-4225)

WordPress Plugin WP Rollback Multiple Vulnerabilities (1.2.2)

WordPress Plugin Password Protected Unspecified Vulnerability (2.0)

WordPress 3.9.x Prototype Pollution (3.9 - 3.9.35)

Severity

Medium

Classification

CVE-2023-33359 CWE-352 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities