Security Advisory

CVE-2020-13157

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-06-23 19:11:54

Last updated 2024-08-04 12:11:19

Assigner mitre

State PUBLISHED

Description

modulesusersadminedit.php in NukeViet 4.4 allows CSRF to change a users password via an admin/index.php?nv=users&op=edit&userid= URI. The old password is not needed.

← Browse all CVEs View on cve.org ↗