CVE

CVE-2022-23887

CVE-2022-23887

YzmCMS v6.3 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily delete user accounts via /admin/admin_manage/delete.

Source: CVE-2022-23887

Exit mobile version