High severityNVD Advisory· Published Apr 22, 2022· Updated Aug 3, 2024
CVE-2022-27340
CVE-2022-27340
Description
MCMS v5.2.7 contains a Cross-Site Request Forgery (CSRF) via /role/saveOrUpdateRole.do. This vulnerability allows attackers to escalate privileges and modify data.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
net.mingsoft:ms-mcmsMaven | <= 5.2.7 | — |
Affected products
2- MCMS/MCMSdescription
Patches
Vulnerability mechanics
References
3- github.com/advisories/GHSA-g94p-h263-c26qghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-27340ghsaADVISORY
- github.com/UDKI11/vul/blob/main/Mcms%E8%B7%A8%E7%AB%99%E8%AF%B7%E6%B1%82%E4%BC%AA%E9%80%A0.docxghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.