CVE-2022-47132

CVE-2022-47132

EPSS 0.9%

A Cross-Site Request Forgery (CSRF) in Academy LMS before v5.10 allows attackers to arbitrarily add Administrator users.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://portswigger.net/web-security/csrf https://www.linkedin.com/in/xvinicius/https://xpsec.co/blog/academy-lms-5-10-add-admin-csrf