Multiple cross-site request forgery (CSRF) vulnerabilities in the Admin Console in Fork before 5.8.3 allows remote attackers to perform unauthorized actions as administrator to (1) approve the mass of the user's comments, (2) restoring a deleted user, (3) installing or running modules, (4) resetting the analytics, (5) pinging the mailmotor api, (6) uploading things to the media library, (7) exporting locale.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2021-01-11T15:54:01

Updated: 2024-08-04T15:05:11.443Z

Reserved: 2020-08-13T00:00:00

Link: CVE-2020-23960

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-01-11T16:15:14.930

Modified: 2024-11-21T05:14:15.443

Link: CVE-2020-23960

cve-icon Redhat

No data.