Multiple cross-site request forgery (CSRF) vulnerabilities in the Admin Console in Fork before 5.8.3 allows remote attackers to perform unauthorized actions as administrator to (1) approve the mass of the user's comments, (2) restoring a deleted user, (3) installing or running modules, (4) resetting the analytics, (5) pinging the mailmotor api, (6) uploading things to the media library, (7) exporting locale.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-01-11T15:54:01
Updated: 2024-08-04T15:05:11.443Z
Reserved: 2020-08-13T00:00:00
Link: CVE-2020-23960
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-01-11T16:15:14.930
Modified: 2024-11-21T05:14:15.443
Link: CVE-2020-23960
Redhat
No data.