Cross-Site Request Forgery in Maccms 10 by Magicblack
CVE-2020-21386

8.8HIGH

Key Information:

Vendor: Maccms
Status: Maccms
Vendor: CVE Published:; 4 October 2021

What is CVE-2020-21386?

A vulnerability in Maccms 10's admin interface allows attackers to exploit Cross-Site Request Forgery, leading to unauthorized escalation of privileges for malicious users. This security flaw exposes the system to potential administrative takeover, enabling attackers to manipulate backend functionalities without proper authentication. Precautionary measures and timely updates are crucial to safeguard against this exploit.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://github.com/magicblack/maccms10/issues/126

x_refsource_MISC

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 4, 2021
Vulnerability Reserved
Aug 13, 2020

JSON

Maccms

What is CVE-2020-21386?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.