CVE-2013-7473

CVE-2013-7473

EPSS 0.6%

Windu CMS 2.2 allows CSRF via admin/users/?mn=admin.message.error to add an admin account.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://zeroscience.mk/blog/07/2013/windu-cms-2-2-multiple-stored-xss-and-csrf-vulnerabilities/