Xcms : Security Vulnerabilities, CVEs, Published In 2007 (CSRF) CVSS score >= 3
Cross-site request forgery (CSRF) vulnerability in the cpass functionality in an admin action in index.php in XCMS allows remote attackers to change arbitrary passwords via certain password_ and rpassword_ parameters, possibly related to timestamp values.
Max CVSS
4.3
EPSS Score
0.55%
Published
2007-09-24
Updated
2018-10-15
1 vulnerabilities found