CVE-2021-47800

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2021-47800

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-47800.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-47800

Published

2026-01-16T00:16:24.327Z

Modified

2026-03-15T22:43:17.429846Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS Calculator

Summary

[none]

Details

b2evolution 7.2.2 contains a cross-site request forgery vulnerability that allows attackers to modify admin account details without authentication. Attackers can craft a malicious HTML form to submit unauthorized changes to user profiles by tricking victims into loading a specially crafted webpage.

References

https://b2evolution.net/
https://b2evolution.net/downloads/
https://www.exploit-db.com/exploits/50081
https://www.vulncheck.com/advisories/bevolution-edit-account-details-cross-site-request-forgery-csrf
https://github.com/b2evolution/b2evolution

Affected packages

Git /

Affected ranges

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-47800.json"