PT-2023-11615 · Beescms · Beescms

Published 2023-05-08 · Updated 2023-05-12 · CVE-2020-22334

CVSS v3.1: 6.5 (Medium)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions: BeesCMS version 4

Description: A Cross-Site Request Forgery (CSRF) issue in BeesCMS 4 allows an attacker to delete the administrator account via a crafted request to /admin/admin_admin.php. The endpoint performs this state-changing action without an anti-CSRF token, so an attacker who lures an authenticated administrator to a page under the attacker's control can have the administrator's browser submit the request with the admin session cookie attached. The attacker needs no credentials of their own (PR:N), but the administrator must be logged in and must visit the malicious page (UI:R); the impact is loss of integrity only (I:H), since the attacker cannot read the response.

Recommendations: At the time of writing there is no information about a newer BeesCMS release that contains a fix, so the following are compensating controls rather than a vendor patch. Add anti-CSRF token validation to /admin/admin_admin.php and, ideally, to every state-changing admin action: issue a per-session random token, embed it in each admin form, and reject requests whose token is missing or does not match the session's. Require POST for such actions, set the admin session cookie with SameSite=Lax (or Strict) so that cross-site requests do not carry it, and reject requests whose Origin or Referer header does not match the site's own origin. Additionally, restrict access to the /admin/ directory (for example, by source IP at the web server) to reduce exposure until a fixed version is available.
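The token check described in the recommendation, written out as an added example in PHP. This is not BeesCMS code and does not reproduce the vulnerable handler; the function names, the `csrf_token` form field, the `id` parameter and the `delete_admin_record()` helper are assumptions made for illustration. It shows the pattern that makes the endpoint exploitable (a deletion that runs on any request carrying the admin cookie) next to a guard that issues a per-session token, verifies it with a constant-time comparison, requires POST, and rejects foreign-origin requests before the action runs.

```php
<?php
// Added example (not BeesCMS code): anti-CSRF guard for a state-changing admin action.
// Assumes PHP 7.3+ (session_set_cookie_params with an options array) and that the
// request reaches PHP directly, so $_SERVER['HTTPS'] reflects the real scheme.

// Harden the session cookie: a SameSite cookie is not attached to cross-site POSTs,
// which already blocks the classic hidden-form CSRF in modern browsers.
session_set_cookie_params([
    'httponly' => true,
    'secure'   => !empty($_SERVER['HTTPS']),
    'samesite' => 'Lax',
]);
session_start();

// One random token per session; embedded in every admin form and checked on submit.
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Hidden field to drop into each admin form (hypothetical field name "csrf_token").
function csrf_field(): string
{
    return '<input type="hidden" name="csrf_token" value="'
        . htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8') . '">';
}

// Abort unless the request is a same-origin POST carrying the session's token.
// Runs before any side effect, so a forged request never reaches the action.
function csrf_verify(): void
{
    if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
        http_response_code(405);
        exit('state-changing actions must use POST');
    }

    $expected = $_SESSION['csrf_token'] ?? '';
    $sent     = $_POST['csrf_token'] ?? '';
    // hash_equals() compares in constant time and fails closed on an empty token.
    if ($expected === '' || !hash_equals($expected, $sent)) {
        http_response_code(403);
        exit('invalid CSRF token');
    }

    // Defence in depth: a cross-site request carries a foreign Origin (or Referer).
    $self   = (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . ($_SERVER['HTTP_HOST'] ?? '');
    $origin = $_SERVER['HTTP_ORIGIN'] ?? $_SERVER['HTTP_REFERER'] ?? '';
    if ($origin !== '' && $origin !== $self && strpos($origin, $self . '/') !== 0) {
        http_response_code(403);
        exit('cross-origin request rejected');
    }
}

// Hypothetical persistence helper standing in for the CMS's own deletion query.
function delete_admin_record(string $adminId): void
{
    // e.g. a prepared DELETE statement keyed on $adminId (assumed, not shown).
}

// Vulnerable pattern: the action runs on any request that carries the admin session
// cookie, which is exactly what a page in the administrator's browser can trigger.
function delete_admin_vulnerable(): void
{
    $adminId = $_REQUEST['id'] ?? '';   // accepts GET or POST, no token, no origin check
    delete_admin_record($adminId);
}

// Hardened pattern: verify first, then act.
function delete_admin_hardened(): void
{
    csrf_verify();
    $adminId = $_POST['id'] ?? '';
    if ($adminId === '') {
        http_response_code(400);
        exit('missing id');
    }
    delete_admin_record($adminId);
}

// Usage (assumed routing): the admin form renders csrf_field() inside a POST form,
// and the delete action calls delete_admin_hardened() instead of the unguarded version.
```

The token must be tied to the authenticated session, not merely to the page, and must be regenerated on login so that a token obtained before authentication cannot be reused; the `session_set_cookie_params` SameSite setting is a browser-side backstop, not a replacement for the server-side check, because older clients and some navigations do not enforce it.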

Exploit: CSRF

Weakness Enumeration:

Related Identifiers: CVE-2020-22334

Affected Products: Beescms