In SimpleCE 2.3.0, a CSRF vulnerability can be exploited to add an administrator account (via the index.php/user/new URI) or change its settings (via the index.php/user/1 URI), including its password.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2017-06-15T18:00:00Z

Updated: 2024-09-17T00:16:23.512Z

Reserved: 2017-06-15T00:00:00Z

Link: CVE-2017-9673

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2017-06-15T18:29:00.207

Modified: 2024-11-21T03:36:37.297

Link: CVE-2017-9673

cve-icon Redhat

No data.