High severity8.8OSV Advisory· Published Sep 16, 2018· Updated Jun 17, 2026
CVE-2018-17104
CVE-2018-17104
Description
An issue was discovered in Microweber 1.0.7. There is a CSRF attack (against the admin user) that can add an administrative account via api/save_user.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
21.0.3, 1.0.5-fix1, 1.0.6, …+ 1 more
- (no CPE)range: 1.0.3, 1.0.5-fix1, 1.0.6, …
- (no CPE)range: = 1.0.7
Patches
Vulnerability mechanics
References
3- github.com/microweber/microweber/commit/982ea9d5efb7d2306a05644ebc3469dadb33767envdPatchVendor Advisory
- github.com/microweber/microweber/issues/483nvdExploitIssue TrackingThird Party Advisory
- github.com/microweber/microweber/issues/484nvdExploitIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.