A CSRF vulnerability in Pagekit 1.0.17 allows an malicious user to upload an arbitrary file by removing the CSRF token from a request.
pagekit pagekit 1.0.17