Vulnerabilities > Dotnetfoundation > Piranha CMS > 9.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-16 | CVE-2021-25976 | Cross-Site Request Forgery (CSRF) vulnerability in Dotnetfoundation Piranha CMS In PiranhaCMS, versions 4.0.0-alpha1 to 9.2.0 are vulnerable to cross-site request forgery (CSRF) when performing various actions supported by the management system, such as deleting a user, deleting a role, editing a post, deleting a media folder etc., when an ID is known. | 4.0 |