EPSS
Percentile
44.9%
Subrion CMS 4.1.5 (and possibly earlier versions) allow CSRF to change the administrator password via the panel/members/edit/1 URI.
panel/members/edit/1
github.com/intelliants/subrion
github.com/intelliants/subrion/blob/c8aaeb04f44554e454be9763527a7be7fbe7bfd5/changelog.txt#L899
github.com/intelliants/subrion/issues/638
nvd.nist.gov/vuln/detail/CVE-2018-21037