Security Advisory

CVE-2020-8439

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-03-07 00:26:41

Last updated 2024-08-04 09:56:28

Assigner mitre

State PUBLISHED

Description

Monstra CMS through 3.0.4 allows remote authenticated users to take over arbitrary user accounts via a modified login parameter to an edit URI, as demonstrated by login=victim to the users/21/edit URI.

← Browse all CVEs View on cve.org ↗