| Título | SeaCms V13.0 Cross-Site Request Forgery |
|---|
| Descripción | A Cross-Site Request Forgery (CSRF) vulnerability has been identified in SeaCms V13.0. This vulnerability allows an attacker to change a user's password without their consent by tricking them into visiting a malicious webpage. |
|---|
| Fuente | ⚠️ https://github.com/HuaQiPro/seacms/issues/30 |
|---|
| Usuario | jiashenghe (UID 39445) |
|---|
| Sumisión | 2024-07-24 04:50 (hace 2 años) |
|---|
| Moderación | 2024-07-27 22:14 (4 days later) |
|---|
| Estado | Aceptado |
|---|
| Entrada de VulDB | 272575 [SeaCMS 13.0 Password Change member.php?action=chgpwdsubmit newpwd/newpwd2 falsificación de solicitudes en sitios cruzados] |
|---|
| Puntos | 16 |
|---|