CVE-2022-28921

Publication date

2022-05-18 17:11:02

Family

mitre

State

PUBLISHED

Description

A Cross-Site Request Forgery (CSRF) vulnerability discovered in BlogEngine.Net v3.3.8.0 allows unauthenticated attackers to read arbitrary files on the hosting web server.