Design/Logic Flaw

2018-09-1407:29:00

PRIOn knowledge base

www.prio-n.com

8.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

44.9%

JSON

An issue was discovered in CMS MaeloStore V.1.5.0. There is a CSRF vulnerability that can change the administrator password via admin/modul/users/aksi_users.php?act=update.

CPENameOperatorVersion
cms_maelostoreeq1.5.0

CPE	Name	Operator	Version
	cms_maelostore	eq	1.5.0

References

github.com/maelosoki/MaeloStore/issues/1