CVE-2017-6918

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2017-6918

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-6918.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2017-6918

Published

2017-03-15T16:59:00Z

Modified

2025-04-20T04:01:06.554095Z

Severity

4.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N CVSS Calculator

Summary

[none]

Details

CSRF exists in BigTree CMS 4.2.16 with the value[#][*] parameter to the admin/settings/update/ page. The Navigation Social can be changed.

References

Affected packages

Git / github.com/bigtreecms/bigtree-cms

Affected ranges

Type: GIT
Repo: https://github.com/bigtreecms/bigtree-cms
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

3b3ee93cded22331c9b97806f1c40d17baee0a4d

Affected versions

4.*

4.0

4.0.1

4.0.2

4.0.3

4.0RC2

4.0b7

4.0beta2

4.0beta4

4.0beta5

4.0beta6

4.0rc1

4.1

4.1.1

4.1.2

4.1.3

4.1.4

4.1.5

4.1.6

4.2

4.2.10

4.2.11

4.2.12

4.2.13

4.2.14

4.2.15

4.2.16

4.2.2

4.2.3

4.2.4

4.2.5

4.2.6

4.2.7

4.2.8

4.2.9

Other

RC2

v4.*

v4.0b1

v4.0b3