5.9 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
43.6%
Subrion CMS 4.0.5 has CSRF in admin/blocks/add/. The attacker can create any block, and can optionally insert XSS via the content parameter.
admin/blocks/add/
github.com/intelliants/subrion
nvd.nist.gov/vuln/detail/CVE-2017-6068
web.archive.org/web/20210126223835/www.securityfocus.com/bid/97091