AI Score
Confidence
High
EPSS
Percentile
43.2%
A cross-site request forgery (CSRF) in MipCMS v5.0.1 allows attackers to arbitrarily escalate user privileges to administrator via index.php?s=/user/ApiAdminUser/itemEdit.
github.com/sansanyun/mipcms5/issues/4