Unrated severity · NVD Advisory · Published Mar 4, 2020 · Updated Aug 4, 2024
CVE-2020-10057
Description
GeniXCMS 1.1.7 is vulnerable to user privilege escalation due to broken access control. This issue exists because of an incomplete fix for CVE-2015-2680, in which "token" is used as a CSRF protection mechanism, but without validation that "token" is associated with an administrative user.
Affected products (2)
- GeniXCMS/GeniXCMS · description
References (1)
- github.com/J3rryBl4nks/GenixCMS/blob/master/CreateAdminBAC.md · mitre · x_refsource_MISC