High severity7.1NVD Advisory· Published Mar 15, 2017· Updated Jun 17, 2026
CVE-2017-6914
CVE-2017-6914
Description
CSRF exists in BigTree CMS 4.1.18 and 4.2.16 with the id parameter to the admin/ajax/users/delete/ page. A user can be deleted.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:bigtreecms:bigtree_cms:4.1.8:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:bigtreecms:bigtree_cms:4.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:bigtreecms:bigtree_cms:4.2.16:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
1- github.com/bigtreecms/BigTree-CMS/issues/275nvdPatchVendor Advisory
News mentions
0No linked articles in our index yet.