Lucene search

PRIOn knowledge basePRION:CVE-2023-26839

HistoryApr 25, 2023 - 1:15 p.m.

Cross site request forgery (csrf)

2023-04-2513:15:00

PRIOn knowledge base

www.prio-n.com

cross-site request forgery

churchcrm

v4.5.3

attackers

edit

information

4.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

37.3%

A cross-site request forgery (CSRF) vulnerability in ChurchCRM v4.5.3 allows attackers to edit information for existing people on the site.

CPENameOperatorVersion
churchcrmeq4.5.3

CPE	Name	Operator	Version
	churchcrm	eq	4.5.3

References

github.com/10splayaSec/CVE-Disclosures/tree/main/ChurchCRM/CVE-2023-26839

github.com/ChurchCRM/CRM