CVE-2024-50966

Published Nov 8, 2024

Last updated 9 days ago

CVSS critical 9.3

Overview

Description: dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/doAdminAction.php?act=addAdmin.
Source: cve@mitre.org
NVD status: Awaiting Analysis

Risk scores

CVSS 3.1

Type: Secondary
Base score: 9.3
Impact score: 5.8
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
Severity: CRITICAL

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0: CWE-352

Hype score: Not currently trending

CVE-2024-50966 Cross-Site Request Forgery in Dingfanzu CMS V1.0 Admin Action dingfanzu CMS V1.0 has a Cross-Site Request Forgery (CSRF) issue. This problem occurs through the /admin/doAdminAction.php?act=addAdmin... https://t.co/48DLefxZGL
@VulmonFeeds
8 Nov 2024
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

References