In SimpleCE 2.3.0, a CSRF vulnerability can be exploited to add an administrator account (via the index.php/user/new URI) or change its settings (via the index.php/user/1 URI), including its password.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2017-06-15T18:00:00Z
Updated: 2024-09-17T00:16:23.512Z
Reserved: 2017-06-15T00:00:00Z
Link: CVE-2017-9673
Vulnrichment
No data.
NVD
Status : Modified
Published: 2017-06-15T18:29:00.207
Modified: 2024-11-21T03:36:37.297
Link: CVE-2017-9673
Redhat
No data.