CVE-2019-17676
17.10.2019, 13:15
app/system/admin/admin/index.class.php in MetInfo 7.0.0beta allows a CSRF attack to add a user account via a doSaveSetup action to admin/index.php, as demonstrated by an admin/?n=admin&c=index&a=doSaveSetup URI.
| Vendor | Product | Version |
|---|---|---|
| metinfo | metinfo | 7.0.0:beta |
𝑥
= Vulnerable software versions
Common Weakness Enumeration