PT-2024-36718 · Amiro.Cms · Amiro.Cms
Published
2024-12-16
·
Updated
2025-04-23
·
CVE-2024-56116
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Amiro.CMS versions prior to 7.8.4
Description
A Cross-Site Request Forgery vulnerability in Amiro.CMS allows remote attackers to create an administrator account.
Recommendations
For Amiro.CMS versions prior to 7.8.4, update to version 7.8.4 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive account creation functionality until a patch is applied.
Exploit
Fix
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Amiro.Cms