PT-2018-11269 · Akcms · Akcms
Chenrui1896 · Published 2018-06-19 · Updated 2018-08-09 · CVE-2018-12583
CVSS v3.1: 6.5 Medium
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions
AKCMS version 6.1
Description
An issue was discovered that allows cross-site request forgery (CSRF): a forged request to "index.php" using the admincp deleteitem action can delete an article.
Recommendations
For AKCMS version 6.1, consider implementing CSRF protection measures to prevent unauthorized deletion of articles, such as validating user requests and ensuring that the deleteitem action is properly authenticated.
Exploit · Fix · CSRF
Affected Products
Akcms