SecBoard
Zurück zur CVE-Übersicht

CVE-2020-20586

MEDIUM(4.5)

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N

Risk Signal Score11/100 — NIEDRIG
  • CVSS 4.5 — Mittel

EPSS-Score

1%

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

4.5

Technische Schwere

Beschreibung

A cross site request forgery (CSRF) vulnerability in the /xyhai.php?s=/Auth/editUser URI of XYHCMS V3.6 allows attackers to edit any information of the administrator such as the name, e-mail, and password.

Referenzen