First published: Mon Oct 29 2018(Updated: )
A CSRF issue was discovered in SEMCMS 3.4 via the admin/SEMCMS_User.php?Class=add&CF=user URI.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Sem-cms Semcms | =3.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2018-18742 is high with a CVSS score of 8.8.
The CSRF issue in SEMCMS 3.4 occurs via the admin/SEMCMS_User.php?Class=add&CF=user URI.
SEMCMS version 3.4 is affected by CVE-2018-18742.
To fix the CSRF issue in SEMCMS 3.4, update to a version that has a patch for this vulnerability or apply the recommended security measures provided by the vendor.
More information about the CSRF issue in SEMCMS 3.4 can be found at the following link: [https://github.com/AvaterXXX/SEMCMS/blob/master/CSRF.md](https://github.com/AvaterXXX/SEMCMS/blob/master/CSRF.md)