CSRF Vulnerability in JBMC DirectAdmin 1.55 Allows Unauthorized Creation of Admin Account

CSRF Vulnerability in JBMC DirectAdmin 1.55 Allows Unauthorized Creation of Admin Account

CVE-2019-9625 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

JBMC DirectAdmin 1.55 allows CSRF via the /CMD_ACCOUNT_ADMIN URI to create a new admin account.

Learn more about our Web Application Penetration Testing UK.