High severity8.0NVD Advisory· Published May 2, 2022· Updated Jun 17, 2026
CVE-2022-23904
CVE-2022-23904
Description
Rainworx Auctionworx < 3.1R2 is vulnerable to a Cross-Site Request Forgery (CSRF) attack that allows an authenticated user to upgrade his account to admin and gain access to the auctionworx admin control panel. This vulnerability affects AuctionWorx Enterprise and AuctionWorx: Events Edition.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- Rainworx/Auctionworxdescription
- Range: <3.1R2
- Range: <3.1R2
- Range: <3.1R2
Patches
Vulnerability mechanics
References
2- ebereorisi.com/blog/account-privilege-upgrade-on-auctionworx-software-cve-2022-23904/nvdExploitThird Party Advisory
- www.rainworx.comnvdVendor Advisory
News mentions
0No linked articles in our index yet.