Multiple cross-site request forgery (CSRF) vulnerabilities in Subrion CMS prior to 2.2.3 allow remote malicious users to hijack the authentication of administrators for requests that add, delete, or modify sensitive information, as demonstrated by adding an administrator account via an add action to admin/accounts/add/.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
intelliants subrion cms 2.0.4 |
||
intelliants subrion cms |
||
intelliants subrion cms 2.2.1 |
||
intelliants subrion cms 2.2.0 |