CVE-2021-33396 - OpenCVE

Cross Site Request Forgery (CSRF) vulnerability in baijiacms 4.1.4, allows attackers to change the password or other information of an arbitrary account via index.php.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Baijiacms Project	Baijiacms

Configuration 1 [-]

cpe:2.3:a:baijiacms_project:baijiacms:4.1.4:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/baijiacms/baijiacmsV4/issues/7	Exploit Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2023-02-15T00:00:00

Updated: 2023-02-15T00:00:00

Reserved: 2021-05-20T00:00:00

Link: CVE-2021-33396

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-02-15T22:15:11.123

Modified: 2023-02-23T04:59:10.760

Link: CVE-2021-33396

JSON object: View

Redhat Information

No data.

CWE

CWE-352