Stacksmasher007

**Name of the Vulnerable Software and Affected Versions** b2evolution CMS version 7.2.3 **Description** The issue is related to a Cross-Site Request Forgery (CSRF) in the User login page, allowing attackers to escalate privileges. **Recommendations** For b2evolution CMS version 7.2.3, consider disabling the User login page until a patch is available to prevent potential privilege escalation. Restrict access to the login functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.