CVE-2016-1172

Publication date

2016-04-06 23:00:00

Family

jpcert

State

PUBLISHED

Description

Cross-site request forgery (CSRF) vulnerability in the Recruit plugin before 0.9.3 for baserCMS allows remote attackers to hijack the authentication of administrators.