Vulnerabilities > CVE-2020-36610 - Incorrect Authorization vulnerability in Duxcms Project Duxcms 2.1

CVSS 8.0 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

duxcms-project

CWE-863

NVD

Published: 2022-12-08

Updated: 2023-11-07

Summary

A vulnerability was found in annyshow DuxCMS 2.1. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-215116.

Vulnerable Configurations

Part	Description	Count
Application	Duxcms_Project Duxcms Project Duxcms 2.1	1

Common Weakness Enumeration (CWE)

CWE-863 - Incorrect Authorization

References

https://gitee.com/annyshow/DuxCMS2.1/issues/I183GG
https://vuldb.com/?id.215116