Dreamer CMS is a dreamer content management system by Junnan Wang, an individual developer in China. A cross-site request forgery vulnerability exists in Dreamer CMS version v4.1.3, which originates from a failure to adequately validate whether a request is from a trusted user in the component /admin/archives/add, and can be exploited by an attacker to forge a malicious request to trick a victim into clicking on it to perform a sensitive operation.
CPE | Name | Operator | Version |
---|---|---|---|
dreamer cms dreamer cms v | eq | 4.1.3 |