Multiple cross-site request forgery (CSRF) vulnerabilities in the Admin Console in Fork before 5.8.3 allows remote attackers to perform unauthorized actions as administrator to (1) approve the mass of the user's comments, (2) restoring a deleted user, (3) installing or running modules, (4) resetting the analytics, (5) pinging the mailmotor api, (6) uploading things to the media library, (7) exporting locale.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published: 2021-01-11T15:54:01
Updated: 2024-08-04T15:05:11.443Z
Reserved: 2020-08-13T00:00:00
Link: CVE-2020-23960

No data.

Status : Modified
Published: 2021-01-11T16:15:14.930
Modified: 2024-11-21T05:14:15.443
Link: CVE-2020-23960

No data.