Unrated severityNVD Advisory· Published Jun 4, 2021· Updated Aug 4, 2024
CVE-2020-36140
CVE-2020-36140
Description
BloofoxCMS 0.5.2.1 allows Cross-Site Request Forgery (CSRF) via 'mode=settings&page=editor', as demonstrated by use of 'mode=settings&page=editor' to change any file content (Locally/Remotely).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- BloofoxCMS/BloofoxCMSdescription
- Range: = 0.5.2.1
Patches
Vulnerability mechanics
References
1- muteb.io/2020/12/29/BloofoxCMS-Multiple-Vulnerabilities.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.