Cross Site Request Forgery Vulnerability in SemCms by SemCms Team
CVE-2026-39170
6.3MEDIUM
What is CVE-2026-39170?
SemCms version 5.0 is susceptible to a Cross Site Request Forgery (CSRF) attack, which can be exploited through specially crafted POST requests targeting the /admin/semcms_user.php endpoint. This vulnerability allows an attacker to perform unauthorized actions on behalf of authenticated users, potentially compromising sensitive user data and system integrity.
