Home / Early Warning / Vulnerabilidades / CVE-2021-31631

CVE-2021-31631

Type: 
Cross-Site Request Forgery (CSRF)
Severity: 
Medium
Publication date: 
12/06/2021
Last modified: 
12/07/2021
Description
b2evolution CMS v7.2.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the User login page. This vulnerability allows attackers to escalate privileges.
Impact
Access Vector: Through network
Access Complexity: Media
Authentication: Not required to exploit
Impact Type: Partially affects on system integrity + Partially affects on system confidentiality + Partially affects on system availability
Vulnerable software and versions
  • cpe:2.3:a:b2evolution:b2evolution_cms:7.2.3:*:*:*:*:*:*:*
To consult the complete list of products and versions see this page
References to Advisories, Solutions, and Tools
Explanation of fields