Security Advisory

CVE-2020-10057

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-03-04 18:03:36

Last updated 2024-08-04 10:50:57

Assigner mitre

State PUBLISHED

Description

GeniXCMS 1.1.7 is vulnerable to user privilege escalation due to broken access control. This issue exists because of an incomplete fix for CVE-2015-2680, in which "token" is used as a CSRF protection mechanism, but without validation that "token" is associated with an administrative user.

← Browse all CVEs View on cve.org ↗