What the vulnerability does
01Description
Cross-Site Request Forgery (CSRF) in GitHub repository tsolucio/corebos prior to 8.
CVE-2023-3075
HIGH
CVE-2023-3075: Cross-Site Request Forgery (CSRF) in tsolucio/corebos
CVSS base score
7.5/10
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Key dates
02Disclosure timeline
June 2, 2023
CVE published
February 6, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2026-8428 CSRF token is not validated in the core CMS update controller for Concrete CMS 9.5.0 and below
CVE-2025-48238 WordPress AWcode Toolkit plugin <= 1.0.18 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability
CVE-2026-40703 BIG-IP Configuration utility CSRF vulnerability
CVE-2021-41176 logout CSRF in Pterodactyl Panel
CVE-2026-24942 WordPress WpEvently plugin <= 5.1.1 - Cross Site Request Forgery (CSRF) vulnerability
