CVE-2021-29334: CSRF
First published: Wed Nov 23 2022(Updated: )
An issue was discovered in JIZHI CMS 1.9.4. There is a CSRF vulnerability that can add an admin account via index, /admin.php/Admin/adminadd.html
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Jizhicms Jizhicms | =1.9.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this JIZHI CMS issue?
The vulnerability ID for this JIZHI CMS issue is CVE-2021-29334.
What is the severity of CVE-2021-29334?
The severity of CVE-2021-29334 is high, with a severity score of 8.8.
How does the CSRF vulnerability in JIZHI CMS 1.9.4 work?
The CSRF vulnerability in JIZHI CMS 1.9.4 allows an attacker to add an admin account via the index or /admin.php/Admin/adminadd.html page.
How can I fix the CSRF vulnerability in JIZHI CMS 1.9.4?
To fix the CSRF vulnerability in JIZHI CMS 1.9.4, it is recommended to update to a version that has fixed the issue or apply any available patches or security updates.
Where can I find more information about the JIZHI CMS CSRF vulnerability?
More information about the JIZHI CMS CSRF vulnerability can be found at the following reference: [https://gist.github.com/yinfei6/17bbeece7cf5a8f9c31f7a517d85b247](https://gist.github.com/yinfei6/17bbeece7cf5a8f9c31f7a517d85b247).
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/description
- agent/event
- agent/weakness
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/jizhicms
- canonical/jizhicms jizhicms
- version/jizhicms jizhicms/1.9.4