Anchor CMS v0.12.7 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component anchor/routes/posts.php. This vulnerability allows attackers to arbitrarily delete posts.
{ "nvd_published_at": "2022-03-24T23:15:00Z", "github_reviewed_at": "2022-03-30T18:05:15Z", "severity": "MODERATE", "github_reviewed": true, "cwe_ids": [ "CWE-352" ] }