CVE-2020-18326

2022-03-0414:15:37

mitre

www.cve.org

cve-2020-18326

csrf

subrion cms

AI Score

8.8

Confidence

High

EPSS

0.002

Percentile

55.3%

JSON

Cross Site Request Forgery (CSRF) vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Members administrator function, which could let a remote unauthenticated malicious user send an authorised request to victim and successfully create an arbitrary administrator user.

References

intelliants.com

subrion.com

github.com/hamm0nz/CVE-2020-18326