2 matches found
CVE-2016-20054 Nodcms Cross Site Request Forgery via admin endpoints
Nodcms contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious forms. Attackers can trick authenticated administrators into submitting requests to admin/usermanipulate and admin/settings/generall endpoints to...
CVE-2016-20054
CVE-2016-20054 concerns Nodcms and a cross-site request forgery (CSRF) vulnerability that enables unauthorized administrative actions via crafted forms. The issue allows tricking authenticated administrators into submitting requests to admin/user_manipulate and admin/settings/generall endpoints t...