First published: Mon Nov 14 2022(Updated: )
EyouCMS V1.5.9-UTF8-SP1 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Edit Admin Profile module. This vulnerability allows attackers to arbitrarily change Administrator account information.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Eyoucms Eyoucms | =1.5.9 | |
=1.5.9 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-44389 is a Cross-Site Request Forgery (CSRF) vulnerability found in EyouCMS V1.5.9-UTF8-SP1.
CVE-2022-44389 has a severity rating of 6.5 (medium).
CVE-2022-44389 allows attackers to change Administrator account information in EyouCMS V1.5.9-UTF8-SP1.
To fix CVE-2022-44389, it is recommended to update EyouCMS to a version that addresses the CSRF vulnerability.
You can find more information about CVE-2022-44389 at the following reference: [https://github.com/weng-xianhu/eyoucms/issues/30](https://github.com/weng-xianhu/eyoucms/issues/30)