Security Advisory

CVE-2020-20586

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-07-08 15:44:32

Last updated 2024-08-04 14:22:24

Assigner mitre

State PUBLISHED

Description

A cross site request forgery (CSRF) vulnerability in the /xyhai.php?s=/Auth/editUser URI of XYHCMS V3.6 allows attackers to edit any information of the administrator such as the name, e-mail, and password.

← Browse all CVEs View on cve.org ↗