Security Advisory
CVE-2019-9052
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerability that can delete pictures via a /admin.php?action=deleteimage&var1= URI.