Cscms · Cscms · CVE-2020-21238
Name of the Vulnerable Software and Affected Versions:
CSCMS version 4.0
Description:
An issue in the user login box allows attackers to hijack user accounts via brute-force attacks.
Recommendations:
For CSCMS version 4.0, consider implementing rate limiting or IP blocking to mitigate the risk of brute-force attacks. As a temporary workaround, restrict access to the user login box until a patch is available.