OECMS v4.3.R60321 and v4.3 later is affected by: Cross Site Request Forgery (CSRF). The impact is: The victim clicks on adding an administrator account. The component is: admincp.php. The attack vector is: network connectivity. The fixed version is: v4.3.
References
Link | Resource |
---|---|
https://github.com/LiodAir/images/blob/master/csrf.md | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: dwf
Published: 2019-07-18T18:31:51
Updated: 2019-07-18T18:31:51
Reserved: 2019-03-20T00:00:00
Link: CVE-2019-1010112
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-07-18T19:15:11.160
Modified: 2019-07-22T18:11:25.983
Link: CVE-2019-1010112
JSON object: View
Redhat Information
No data.
CWE