CVE-2019-11375

Name of the Vulnerable Software and Affected Versions Msvod version 10

Description The issue allows an attacker to change user information via the "admin/member/edit.html" API endpoint. This is achieved through a CSRF vulnerability, which can be exploited to modify user data without the user's knowledge or consent.

Recommendations For Msvod version 10, update to a version that includes a fix for this issue, as using the current version poses a significant risk due to the presence of the CSRF vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.