Security Advisory

CVE-2026-31954

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-11 19:21:52

Last updated 2026-03-12 20:01:11

Assigner GitHub_M

State PUBLISHED

Description

Emlog is an open source website building system. In 2.6.6 and earlier, the delete_async action (asynchronous delete) lacks a call to LoginAuth::checkToken(), enabling CSRF attacks.

← Browse all CVEs View on cve.org ↗