Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in the users module in Zikula Application Framework before 1.2.3 allows remote attackers to hijack the authentication of administrators for requests that change the administrator email address (updateemail action).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Zikula Application Framework 用户模块跨站请求伪造漏洞
Vulnerability Description
Zikula是一个Web应用程序工具包,它允许你运行令人印象深刻的网站和建立强大的在线应用。 Zikula Application Framework的用户模块存在跨站请求伪造(CSRF)漏洞,远程攻击者可劫持管理员对更改管理员邮件地址(updateemail操作)请求的认证,创建新的账户。
CVSS Information
N/A
Vulnerability Type
N/A