CVE-2018-18449

Publication date

2019-03-07 22:00:00

Family

mitre

State

PUBLISHED

Description

EmpireCMS 7.5 allows CSRF for adding a user account via an enews=AddUser action to e/admin/user/ListUser.php, a similar issue to CVE-2018-16339.