Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-48311)

Description

Piwigo v14.5.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Edit album function.

Remediation

References

Related Vulnerabilities

WordPress Plugin Pctags-Pinterest conversion tags for Pinterest Ads (advertising) + Event tracking + Site verification + WooCommerce Security Bypass (1.0.1)

WordPress Plugin Pinblocks-Gutenberg blocks with Pinterest widgets Unspecified Vulnerability (1.0.1)

Apache Tomcat Authentication Bypass Using an Alternate Path or Channel Vulnerability (CVE-2025-49125)

WebLogic CVE-2022-21441 Vulnerability (CVE-2022-21441)

Moodle Configuration Vulnerability (CVE-2012-3392)

Severity

High

Classification

CVE-2024-48311 CWE-352 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities