CVE-2016-7904

2017-01-16T06:59:00
ID CVE-2016-7904
Type cve
Reporter cve@mitre.org
Modified 2017-01-27T16:48:00

Description

Cross-site request forgery (CSRF) vulnerability in CMS Made Simple before 2.1.6 allows remote attackers to hijack the authentication of administrators for requests that create accounts via an admin/adduser.php request.