CVE-2022-44389

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions EyouCMS version 1.5.9-UTF8-SP1

Description A Cross-Site Request Forgery (CSRF) issue was discovered in the Edit Admin Profile module, allowing attackers to arbitrarily change Administrator account information.

Recommendations For EyouCMS version 1.5.9-UTF8-SP1, consider disabling the Edit Admin Profile module until a patch is available to prevent exploitation of the CSRF issue. Restrict access to the Administrator account information to minimize the risk of unauthorized changes.

Fix

CSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2022-44389

Affected Products

Eyoucms

CVE-2022-44389

Weakness Enumeration

Related Identifiers

Affected Products

References · 6