An issue was discovered in idreamsoft iCMS through 7.0.14. A CSRF vulnerability can delete users' articles via the public/api.php?app=user URI.
References
Link | Resource |
---|---|
https://github.com/idreamsoft/iCMS/issues/56 | Exploit Issue Tracking Third Party Advisory |
Configurations
Information
Published : 2019-02-18 06:29
Updated : 2019-02-19 09:17
NVD link : CVE-2019-8902
Mitre link : CVE-2019-8902
JSON object : View
CWE
CWE-352
Cross-Site Request Forgery (CSRF)
Products Affected
idreamsoft
- icms