CVE-2020-19264

Published: 2021-09-09T18:15Z

Last Modified: 2024-11-21T05:09Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

A cross-site request forgery (CSRF) in MipCMS v5.0.1 allows attackers to arbitrarily add users via index.php?s=/user/ApiAdminUser/itemAdd. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt