CVE-2020-6949

A privilege escalation issue was discovered in the postUser function in HashBrown CMS through 1.3.3. An editor user can change the password hash of an admin user's account, or otherwise reconfigure that account.
References
Link Resource
https://github.com/HashBrownCMS/hashbrown-cms/issues/327 Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:hashbrowncms:hashbrown_cms:*:*:*:*:*:*:*:*

Information

Published : 2020-01-13 07:15

Updated : 2020-01-17 04:09


NVD link : CVE-2020-6949

Mitre link : CVE-2020-6949

Products Affected
No products.
CWE