CVE-2023-26841

Publication date

2023-04-25 00:00:00

Family

mitre

State

PUBLISHED

Description

A cross-site request forgery (CSRF) vulnerability in ChurchCRM v4.5.3 allows attackers to change any users password except for the user that is currently logged in.