PT-2021-10873 · Fork Cms · Fork Cms

Carakas

·

Published

2021-05-06

·

Updated

2021-06-22

·

CVE-2020-23264

CVSS v3.1

8.8

High

VectorAV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Fork-CMS versions prior to 5.8.2
Description The issue allows remote attackers to hijack the authentication of logged administrators due to cross-site request forgery (CSRF).
Recommendations For versions prior to 5.8.2, update to version 5.8.2 or later to resolve the issue.

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2020-23264
GHSA-82XF-8H9P-C6QJ

Affected Products

Fork Cms