An issue was discovered in QuickAppsCMS (aka QACMS) through 2.0.0-beta2. A CSRF vulnerability can change the administrator password via the user/me URI.
CPE | Name | Operator | Version |
---|---|---|---|
quickapps_cms | eq | 2.0.0 beta2 | |
quickapps_cms | eq | 2.0.0 beta1 | |
quickapps_cms | le | 1.1.2 |