_RealmAdmin/login.asp in Realm CMS 2.3 and previous versions allows remote malicious users to bypass authentication and access admin pages via certain modified cookies, probably including (1) cUserRole, (2) cUserName, and (3) cUserID.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
realm project realm cms 2.3 |