3 matches found
CVE-2020-10057
GeniXCMS 1.1.7 is vulnerable to user privilege escalation due to broken access control. This issue exists because of an incomplete fix for CVE-2015-2680, in which "token" is used as a CSRF protection mechanism, but without validation that "token" is associated with an administrative user...
CVE-2020-10057
GeniXCMS 1.1.7 is vulnerable to user privilege escalation due to broken access control. This issue exists because of an incomplete fix for CVE-2015-2680, in which "token" is used as a CSRF protection mechanism, but without validation that "token" is associated with an administrative user...
CVE-2020-10057
GeniXCMS 1.1.7 is affected by a user privilege escalation due to broken access control. The issue stems from an incomplete fix for CVE-2015-2680, where a CSRF token was used without validating that the token is tied to an administrative user. No patch/version remediation details are provided in t...