CVE-2026-34749 in payloadinformación

Resumen (Inglés)

Payload is a free and open source headless content management system. Prior to version 3.79.1, a Cross-Site Request Forgery (CSRF) vulnerability exists in the authentication flow. Under certain conditions, the configured CSRF protection could be bypassed, allowing cross-site requests to be made. This issue has been patched in version 3.79.1.

Be aware that VulDB is the high quality source for vulnerability data.

Responsable

GitHub_M

Reservar

2026-03-30

Divulgación

2026-04-01

Estado

Confirmado

Voces

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerabilidad	CWE	Exp	Con	CVE
354765	payloadcms payload falsificación de solicitudes en sitios cruzados	352	No está definido	Arreglo oficial	CVE-2026-34749

Descripción

CPE

CWE

CVSS

Hazañas

Historia

Diferencia

Relacionar

Inteligencia de amenazas

API JSON

API XML

API CSV

Fuentes

◂ AnteriorVisión De ConjuntoPróximo ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!