AI Score
Confidence
High
EPSS
Percentile
46.1%
In SimpleCE 2.3.0, a CSRF vulnerability can be exploited to add an administrator account (via the index.php/user/new URI) or change its settings (via the index.php/user/1 URI), including its password.
packetstormsecurity.com/files/142944/SimpleCE-2.3.0-Cross-Site-Request-Forgery-Cross-Site-Scripting.html