4.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
31.9%
A cross site request forgery (CSRF) vulnerability in the /xyhai.php?s=/Auth/editUser URI of XYHCMS V3.6 allows attackers to edit any information of the administrator such as the name, e-mail, and password.
www.xyhcms.com/Show/download/id/2/at/0.html
xyhcms.com
github.com/0xyu/PHP_Learning/issues/4