Share:

CVE-2020-10793

Critical 8.8

CodeIgniter through 4.0.0 allows remote attackers to gain privileges via a modified Email ID to the "Select Role of the User" page.

Published March 23, 2020.

Affected software

Codeigniter Codeigniter

Get alerts for Codeigniter Codeigniter

Reference links

https://medium.com/@vbharad/account-takeover-via-modifying-email-id-codeigniter-framework-ca30741ad297