CVE-2018-16416

2022-10-0316:22:12

mitre

www.cve.org

cve-2018-16416

cross-site request forgery

fuel cms

remote attackers

administrator's password

8.8 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.7%

JSON

Cross-site request forgery (CSRF) vulnerability in my_profile/edit?inline= in FUEL CMS 1.4 allows remote attackers to change the administrator’s password.

References

www.iwantacve.cn/index.php/archives/48/

github.com/daylightstudio/FUEL-CMS/issues/481