An issue was discovered in TuziCMS v2.0.6. There is a CSRF vulnerability that can add an admin account, as demonstrated by a history.pushState call.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://github.com/yeyinshi/tuzicms/issues/1 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2018-04-17T19:00:00Z
Updated: 2024-09-17T00:50:28.889Z
Reserved: 2018-04-17T00:00:00Z
Link: CVE-2018-10185
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-04-17T19:29:00.280
Modified: 2024-11-21T03:40:58.180
Link: CVE-2018-10185
Redhat
No data.