Weaselcms Project: >> Weaselcms >> 0.3.5 Security Vulnerabilities
An issue was discovered in WeaselCMS v0.3.5. CSRF can update the website settings (such as the theme, title, and description) via index.php.
CVSS Score
8.8
EPSS Score
0.001
Published
2018-08-05
An issue was discovered in WeaselCMS v0.3.5. CSRF can create new pages via an index.php?b=pages&a=new URI.
CVSS Score
8.8
EPSS Score
0.001
Published
2018-08-05
An issue was discovered in WeaselCMS v0.3.5. XSS exists via Site Language, Site Title, Site Description, and Site Keywords on the SETTINGS page.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-08-03