CVE-2023-43278: CSRF
First published: Mon Sep 25 2023(Updated: )
A Cross-Site Request Forgery (CSRF) in admin_manager.php of Seacms up to v12.8 allows attackers to arbitrarily add an admin account.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Seacms Seacms | <=12.8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this CSRF vulnerability in Seacms?
The vulnerability ID for this CSRF vulnerability in Seacms is CVE-2023-43278.
What is the severity level of CVE-2023-43278?
The severity level of CVE-2023-43278 is high (8.8).
How does the CSRF vulnerability in Seacms up to v12.8 occur?
The CSRF vulnerability in Seacms up to v12.8 occurs in the admin_manager.php file and allows attackers to arbitrarily add an admin account.
What is the Common Weakness Enumeration (CWE) ID associated with CVE-2023-43278?
The Common Weakness Enumeration (CWE) ID associated with CVE-2023-43278 is CWE-352.
Are there any references available for more information about this CSRF vulnerability in Seacms?
Yes, you can find more information about this CSRF vulnerability in Seacms at the following references: [http://seacms.com](http://seacms.com), [https://blog.csdn.net/sugaryzheng/article/details/133283101?spm=1001.2014.3001.5501](https://blog.csdn.net/sugaryzheng/article/details/133283101?spm=1001.2014.3001.5501), [https://www.seacms.net/](https://www.seacms.net/).
- collector/nvd-api
- collector/nvd-index
- agent/references
- agent/type
- agent/event
- agent/weakness
- agent/severity
- agent/author
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/seacms
- canonical/seacms seacms
- version/seacms seacms/12.8