Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
b2evolution 7.2.2 - 'edit account details' Cross-Site Request Forgery (CSRF)
Vulnerability Description
b2evolution 7.2.2 contains a cross-site request forgery vulnerability that allows attackers to modify admin account details without authentication. Attackers can craft a malicious HTML form to submit unauthorized changes to user profiles by tricking victims into loading a specially crafted webpage.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
b2evolution CMS 跨站请求伪造漏洞
Vulnerability Description
b2evolution CMS是b2evolution Group开源的一个内容管理系统。 b2evolution CMS 7.2.2版本存在跨站请求伪造漏洞,该漏洞源于跨站请求伪造,可能导致未经身份验证修改管理员账户详情。
CVSS Information
N/A
Vulnerability Type
N/A