Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2020-19263

Disclosure Date: September 09, 2021 (last updated February 23, 2025)
A cross-site request forgery (CSRF) in MipCMS v5.0.1 allows attackers to arbitrarily escalate user privileges to administrator via index.php?s=/user/ApiAdminUser/itemEdit.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0