VYPR
High severity7.1NVD Advisory· Published Mar 15, 2017· Updated Jun 17, 2026

CVE-2017-6914

CVE-2017-6914

Description

CSRF exists in BigTree CMS 4.1.18 and 4.2.16 with the id parameter to the admin/ajax/users/delete/ page. A user can be deleted.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:a:bigtreecms:bigtree_cms:4.1.8:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:bigtreecms:bigtree_cms:4.1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:bigtreecms:bigtree_cms:4.2.16:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.