Unrated severityNVD Advisory· Published Sep 18, 2012· Updated Jun 16, 2026
CVE-2012-1901
CVE-2012-1901
Description
Multiple cross-site request forgery (CSRF) vulnerabilities in FlexCMS 3.2.1 and earlier allow remote attackers to (1) hijack the authentication of users for requests that change account settings via a request to index.php/profile-edit-save or (2) hijack the authentication of administrators for requests that add a new page via a request to admin/pages-new-save.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.