CSRF Vulnerability in SwiftyEdit CMS v1.2.0: Privilege Escalation via User Password Update

CSRF Vulnerability in SwiftyEdit CMS v1.2.0: Privilege Escalation via User Password Update

CVE-2023-47350 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Cross-Site Request Forgery (CSRF) vulnerability in SwiftyEdit Content Management System prior to v1.2.0, allows remote attackers to escalate privileges via the user password update functionality.

Learn more about our User Device Pen Test.