Cross Site Request Forgery (CSRF) vulnerability in OECMS v4.3.R60321 and later versions allows unauthorized addition of administrator accounts
CVE-2019-1010112 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
OECMS v4.3.R60321 and v4.3 later is affected by: Cross Site Request Forgery (CSRF). The impact is: The victim clicks on adding an administrator account. The component is: admincp.php. The attack vector is: network connectivity. The fixed version is: v4.3.
Learn more about our Cms Pen Testing.