CVE-2018-16416

CVE-2018-16416

EPSS 0.9%

Cross-site request forgery (CSRF) vulnerability in my_profile/edit?inline= in FUEL CMS 1.4 allows remote attackers to change the administrator's password.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/daylightstudio/FUEL-CMS/issues/481 http://www.iwantacve.cn/index.php/archives/48/