CVE-2017-6066

2017-03-26T22:59:00
ID CVE-2017-6066
Type cve
Reporter NVD
Modified 2017-03-28T21:59:02

Description

Subrion CMS 4.0.5 has CSRF in admin/languages/edit/1/. The attacker can perform any Edit Language action, and can optionally insert XSS via the title parameter.