Medium severity 6.5 · NVD Advisory · Published Apr 5, 2023 · Updated Jun 17, 2026
CVE-2023-0959
Description
Bhima version 1.27.0 allows a remote attacker to update the privileges of any account registered in the application via a malicious link sent to an administrator. This is possible because the application is vulnerable to CSRF.
Affected products
- Bhima/Bhima
- Range: <1.27.0
References
- fluidattacks.com/advisories/calamaro/ (NVD; Exploit, Third Party Advisory)