CVE-2022-29647: CSRF
First published: Tue May 31 2022(Updated: )
An issue was discovered in MCMS 5.2.7. There is a CSRF vulnerability that can add an administrator account via ms/basic/manager/save.do.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mingsoft MCMS | =5.2.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2022-29647?
CVE-2022-29647 is a CSRF vulnerability in MCMS 5.2.7 that allows an attacker to add an administrator account via ms/basic/manager/save.do.
What is the severity of CVE-2022-29647?
CVE-2022-29647 has a severity rating of 8.8 (high).
How can the CSRF vulnerability in MCMS 5.2.7 be exploited?
The CSRF vulnerability in MCMS 5.2.7 can be exploited by an attacker to add an administrator account via the ms/basic/manager/save.do endpoint.
What software versions are affected by CVE-2022-29647?
CVE-2022-29647 affects MCMS 5.2.7.
Is there a fix for CVE-2022-29647?
As of now, no specific fix or patch has been released for CVE-2022-29647. It is recommended to contact the vendor for further guidance.
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/mingsoft
- canonical/mingsoft mcms
- version/mingsoft mcms/5.2.7