4 matches found
CVE-2023-26840
A cross-site request forgery CSRF vulnerability in ChurchCRM v4.5.3 allows attackers to set a person to a user and set that user to be an Administrator...
CVE-2023-26840
A cross-site request forgery CSRF vulnerability in ChurchCRM v4.5.3 allows attackers to set a person to a user and set that user to be an Administrator...
CVE-2023-26840
CVE-2023-26840 corresponds to a CSRF in ChurchCRM v4.5.3. The vulnerability allows an attacker to convert a target person into a user and grant that user Administrator privileges. Affected component is the ChurchCRM application, version 4.5.3; root cause is CSRF without sufficient request validat...
CVE-2023-26840
A cross-site request forgery CSRF vulnerability in ChurchCRM v4.5.3 allows attackers to set a person to a user and set that user to be an Administrator...