CVE-2018-19291

An issue was discovered in DiliCMS 2.4.0. There is a CSRF vulnerability that can delete a user or group via an admin/index.php/user/del/1 or admin/index.php/role/del/2 URI.
References
Link Resource
https://github.com/chekun/DiliCMS/issues/60 Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:dilicms:dilicms:2.4.0:*:*:*:*:*:*:*

Information

Published : 2018-11-15 06:29

Updated : 2019-04-16 12:37


NVD link : CVE-2018-19291

Mitre link : CVE-2018-19291

Products Affected
No products.
CWE