2.1.0

DATE	CVE	VULNERABILITY TITLE	RISK
2020-02-22	CVE-2020-9341	Cross-Site Request Forgery (CSRF) vulnerability in Auieo Candidats 2.1.0 CandidATS 2.1.0 is vulnerable to CSRF that allows for an administrator account to be added via the index.php?m=settings&a=addUser URI. network low complexity auieo CWE-352	8.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.