CVE-2019-20077

EUVD-2019-10633
The Typesetter CMS 5.1 logout functionality is affected by a CSRF vulnerability. The logout function of the admin panel is not protected by any CSRF tokens. An attacker can logout the user using this vulnerability.
CSRF
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 39%
Affected Products (NVD)
VendorProductVersion
typesettercmstypesetter
5.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://fatihhcelik.blogspot.com/2019/12/typesetter-cms-51-logout-csrf_30.html
https://fatihhcelik.blogspot.com/2019/12/typesetter-cms-51-logout-csrf_30.html