2 matches found
CVE-2020-23595
Cross Site Request Forgery CSRF vulnerability in yzmcms version 5.6, allows remote attackers to escalate privileges and gain sensitive information sitemodel/add.html endpoint...
CVE-2020-23595
Summary: CVE-2020-23595 is a CSRF vulnerability in yzmcms 5.6 that affects the sitemodel/add.html endpoint, enabling remote attackers to escalate privileges and access sensitive information. The underlying issue is insufficient CSRF protection, allowing unauthorized requests to that endpoint. The...