Vulnerability Details CVE-2020-23342
A CSRF vulnerability exists in Anchor CMS 0.12.7 anchor/views/users/edit.php that can change the Delete admin users.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.092
EPSS Ranking 92.3%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.8
References
- http://anchorcms.com/
- http://packetstormsecurity.com/files/161048/Anchor-CMS-0.12.7-Cross-Site-Request-Forgery.html
- https://anchorcms.com/
- https://twitter.com/NinadMishra5/status/1350077938176151558
- http://anchorcms.com/
- http://packetstormsecurity.com/files/161048/Anchor-CMS-0.12.7-Cross-Site-Request-Forgery.html
- https://anchorcms.com/
- https://twitter.com/NinadMishra5/status/1350077938176151558
Products affected by CVE-2020-23342
-
cpe:2.3:a:anchorcms:anchor_cms:0.12.7