CVE-2023-31708: CSRF
First published: Tue May 23 2023(Updated: )
A Cross-Site Request Forgery (CSRF) in EyouCMS v1.6.2 allows attackers to execute arbitrary commands via a supplying a crafted HTML file to the Upload software format function.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Eyoucms Eyoucms | =1.6.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-31708?
CVE-2023-31708 is a Cross-Site Request Forgery (CSRF) vulnerability in EyouCMS v1.6.2.
How does CVE-2023-31708 affect the EyouCMS software?
CVE-2023-31708 allows attackers to execute arbitrary commands by supplying a crafted HTML file to the Upload software format function in EyouCMS v1.6.2.
What is the severity of CVE-2023-31708?
The severity of CVE-2023-31708 is medium with a CVSS score of 4.3.
How can I fix CVE-2023-31708 in EyouCMS v1.6.2?
To fix CVE-2023-31708, it is recommended to update EyouCMS to a version that has addressed this vulnerability or apply the necessary patches provided by the vendor.
Where can I find more information about CVE-2023-31708?
More information about CVE-2023-31708 can be found at the following reference: [link](https://github.com/weng-xianhu/eyoucms/issues/41).
- collector/nvd-index
- vendor/eyoucms
- canonical/eyoucms eyoucms
- version/eyoucms eyoucms/1.6.2