CVE-2020-10057

CVE-2020-10057

GeniXCMS 1.1.7 is vulnerable to user privilege escalation due to broken access control. This issue exists because of an incomplete fix for CVE-2015-2680, in which "token" is used as a CSRF protection mechanism, but without validation that "token" is associated with an administrative user.

Source: CVE-2020-10057

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다