Vulnerabilities > Xyhcms > Xyhcms > 3.5

DATE CVE VULNERABILITY TITLE RISK
2018-07-24 CVE-2018-14583 Cross-Site Request Forgery (CSRF) vulnerability in Xyhcms 3.5
xyhai.php?s=/Auth/addUser in XYHCMS 3.5 allows CSRF to add a background administrator account.
network
xyhcms CWE-352
6.8
6.8