Vulnerability Details CVE-2021-31677
An issue was discovered in PESCMS-V2.3.3. There is a CSRF vulnerability that can modify admin and other members' passwords.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 33.8%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.3
References
- https://github.com/RO6OTXX/pescms_vulnerability
- https://github.com/lazyphp/PESCMS-TEAM/issues/7%2C
- https://github.com/two-kisses/pescms_vulnerability%2C
- https://github.com/RO6OTXX/pescms_vulnerability
- https://github.com/lazyphp/PESCMS-TEAM/issues/7%2C
- https://github.com/two-kisses/pescms_vulnerability%2C
Products affected by CVE-2021-31677
-
cpe:2.3:a:pescms:pescms_team:2.3.3