2020-05-21 21:51:03
mitre
PUBLISHED
Gila CMS before 1.11.6 allows CSRF with resultant XSS via the admin/themes URI, leading to compromise of the admin account.