CVE-2018-12603

Cross-site request forgery (CSRF) vulnerability in admin.php in LFCMS 3.7.0 allows remote attackers to hijack the authentication of unspecified users for requests that add administrator users via the s parameter, a related issue to CVE-2018-12114.
Configurations

Configuration 1

cpe:2.3:a:lfdycms:lfcms:3.7.0:*:*:*:*:*:*:*

Information

Published : 2018-06-25 08:29

Updated : 2018-08-27 05:34


NVD link : CVE-2018-12603

Mitre link : CVE-2018-12603

Products Affected
No products.
CWE