CVE-2018-14029

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2018-14029

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-14029.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-14029

Published

2018-07-13T02:29:00.217Z

Modified

2025-11-20T10:46:34.305378Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

CSRF vulnerability in admin/user/edit in Creatiwity wityCMS 0.6.2 allows an attacker to take over a user account, as demonstrated by modifying the account's email field.

References

https://github.com/Creatiwity/wityCMS/issues/153
https://www.exploit-db.com/exploits/45127/

Affected packages

Git / github.com/creatiwity/witycms

Affected ranges

Type: GIT
Repo: https://github.com/creatiwity/witycms
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

07865b7167085c7580e3033d3ab6978583163e97

Affected versions

0.*

0.3.0

0.4.0

0.5.0

0.6.0

0.6.0-beta1

0.6.1

0.6.2