PT-2018-13583 · Baigo · Baigo Cms
Publicado
2018-09-04
·
Atualizado
2018-10-25
·
CVE-2018-16458
CVSS v3.1
6.5
Média
| Vetor | AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
baigo CMS version 2.1.1
Description
An issue in baigo CMS allows a CSRF attack via the index.php?m=article&c=request endpoint, potentially causing the publication of any article.
Recommendations
For baigo CMS version 2.1.1, consider disabling the
c=request functionality in the index.php?m=article&c=request endpoint as a temporary workaround until a patch is available. Restrict access to this endpoint to minimize the risk of exploitation.Exploit
Correção
CSRF
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Baigo Cms