Vulnerabilities > Xyhcms > High

DATE CVE VULNERABILITY TITLE RISK
2018-07-24 CVE-2018-14583 Cross-Site Request Forgery (CSRF) vulnerability in Xyhcms 3.5
xyhai.php?s=/Auth/addUser in XYHCMS 3.5 allows CSRF to add a background administrator account.
network
low complexity
xyhcms CWE-352
8.8
8.8