Cross-Site Request Forgery Vulnerability in Pagekit CMS by Pagekit
CVE-2019-19013

8.8HIGH

Key Information:

Vendor: Pagekit
Status: Pagekit
Vendor: CVE Published:; 22 November 2019

What is CVE-2019-19013?

A Cross-Site Request Forgery (CSRF) vulnerability exists in Pagekit CMS version 1.0.17, allowing attackers to manipulate requests without the user's consent. By exploiting this flaw, an attacker can bypass the security measure of CSRF tokens, enabling unauthorized file uploads to the server. This could potentially lead to further exploitation of the affected system, emphasizing the importance of timely updates and security measures to protect against such vulnerabilities.

References

https://packetstormsecurity.com/files/155426/Pagekit-CMS-...

x_refsource_MISC

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 22, 2019
Vulnerability Reserved
Nov 17, 2019

CVE-2019-19013 Data

JSON