CVE-2020-23522

MEDIUM

Pixelimity 1.0 - CSRF

Title source: llm

Pixelimity 1.0 has cross-site request forgery via the admin/setting.php data [Password] parameter.

exploitdb WORKING POC

by Noth · htmlwebappsmultiple

CVSS v3 6.8

EPSS 0.0019

EPSS Percentile 40.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-352

Status published

Products (1)

pixelimity/pixelimity 1.0

Published Jan 19, 2021

Tracked Since Feb 18, 2026