3 matches found
CVE-2018-19545
JEECMS 9.3 has CSRF via the api/admin/role/save URI to add a user...
CVE-2018-19545
JEECMS 9.3 has CSRF via the api/admin/role/save URI to add a user...
CVE-2018-19545
JEECMS 9.3 contains a CSRF vulnerability in the admin endpoint api/admin/role/save that can be abused to add a new user. Root cause is CSRF on the user-creation pathway; impact is user creation with high severity (CVSS3 base score 8.8) as cited in the CVE record. Exploitation details or fix are n...