Security Advisory

CVE-2022-27432

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-03-29 23:24:46

Last updated 2024-08-03 05:25:32

Assigner mitre

State PUBLISHED

Description

A Cross-Site Request Forgery (CSRF) in Pluck CMS v4.7.15 allows attackers to change the password of any given user by exploiting this feature leading to account takeover.

← Browse all CVEs View on cve.org ↗