CVE List


Critical 8.8

A cross-site request forgery (CSRF) vulnerability in mod/user/act_user.php in Garfield Petshop through 2020-10-01 allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts.

Published October 9, 2020.

Affected software

Garfield Petshop Project Garfield Petshop

Reference links

Sign Up for Alerts