A CSRF vulnerability exists in Anchor CMS 0.12.7 anchor/views/users/edit.php that can change the Delete admin users.
References
Link | Resource |
---|---|
https://twitter.com/NinadMishra5/status/1350077938176151558 | Exploit Third Party Advisory |
https://anchorcms.com/ | Product Vendor Advisory |
http://anchorcms.com/ | Product Vendor Advisory |
http://packetstormsecurity.com/files/161048/Anchor-CMS-0.12.7-Cross-Site-Request-Forgery.html | Exploit Third Party Advisory VDB Entry |
Configurations
Information
Published : 2021-01-19 06:15
Updated : 2021-02-01 07:53
NVD link : CVE-2020-23342
Mitre link : CVE-2020-23342
JSON object : View
CWE
CWE-352
Cross-Site Request Forgery (CSRF)
Products Affected
anchorcms
- anchor_cms