Описание
Cross Site Request Forgery in Mingsoft MCMS
An issue was discovered in MCMS 5.2.7. There is a CSRF vulnerability that can add an administrator account via ms/basic/manager/save.do.
Пакеты
Наименование
net.mingsoft:ms-mcms
maven
Затронутые версииВерсия исправления
<= 5.2.7
Отсутствует
Связанные уязвимости
CVSS3: 8.8
nvd
больше 3 лет назад
An issue was discovered in MCMS 5.2.7. There is a CSRF vulnerability that can add an administrator account via ms/basic/manager/save.do.