CVE-2020-26167

2020-11-0416:39:21

mitre

www.cve.org

9.5 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

70.0%

JSON

In FUEL CMS 11.4.12 and before, the page preview feature allows an anonymous user to take complete ownership of any account including an administrator one.

References

excellium-services.com/cert-xlm-advisory/cve-2020-26167/

github.com/daylightstudio/FUEL-CMS/

thedaylightstudio.com/

www.getfuelcms.com/