CVE-2022-47130

Publication date

2023-02-03 00:00:00

Family

mitre

State

PUBLISHED

Description

A Cross-Site Request Forgery (CSRF) in Academy LMS before v5.10 allows a discount coupon to be arbitrarily created if an attacker with administrative privileges interacts on the CSRF page.