Cross site request forgery (csrf)

2019-07-1012:15:00

PRIOn knowledge base

www.prio-n.com

8.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.5%

An issue was discovered in Eventum 3.5.0. CSRF in htdocs/manage/users.php allows creating another user with admin privileges.

CPENameOperatorVersion
eventumle3.5.0

CPE	Name	Operator	Version
	eventum	le	3.5.0

References

github.com/eventum/eventum/blob/master/CHANGELOG.md

github.com/eventum/eventum/releases/tag/v3.5.2