CVE-2020-20586
CVE-2020-20586 is a CSRF vulnerability in XYHCMS v3.6 that affects the endpoint /xyhai.php?s=/Auth/editUser, enabling an attacker to modify administrator data (name, email, password). The affected component is the XYHCMS CMS, specifically the editUser CSRF path. Root cause and exact code impact a...