Multiple cross-site request forgery (CSRF) vulnerabilities in the Admin Console in Fork prior to 5.8.3 allows remote malicious users to perform unauthorized actions as administrator to (1) approve the mass of the user's comments, (2) restoring a deleted user, (3) installing or running modules, (4) resetting the analytics, (5) pinging the mailmotor api, (6) uploading things to the media library, (7) exporting locale.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fork-cms fork cms |