CVE-2019-17369

OTCMS v3.85 has CSRF in the admin/member_deal.php Admin Panel page, leading to creation of a new management group account, as demonstrated by superadmin.

Published : 2019-10-09 11:15 Updated : 2019-10-16 13:43

4.3
CVSS Score More info
Score 4.3 / 10
4.3
Vendor Product Version URI
Otcms Otcms 3.85 cpe:/a:otcms:otcms:3.85
  1. Otcms (1) Search CVE
    1. Otcms (1) Search CVE
      1. 3.85

CWE

ID Name Description Links
CWE-352 Cross-Site Request Forgery (CSRF) The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request. CVE

History of changes

Date Event
2019-10-16 13:43
2019-10-09 11:15

New CVE