RSS   Vulnerabilities for 'FORK'   RSS

2021-01-11
 
CVE-2020-23960

CWE-352
 

 
Multiple cross-site request forgery (CSRF) vulnerabilities in the Admin Console in Fork before 5.8.3 allows remote attackers to perform unauthorized actions as administrator to (1) approve the mass of the user's comments, (2) restoring a deleted user, (3) installing or running modules, (4) resetting the analytics, (5) pinging the mailmotor api, (6) uploading things to the media library, (7) exporting locale.

 

 >>> Vendor: Fork-cms 3 Products
Fork cms
FORK
Forkcms


Copyright 2024, cxsecurity.com

 

Back to Top