Cross Site Request Forgery (CSRF) vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Members administrator function, which could let a remote unauthenticated malicious user send an authorised request to victim and successfully create an arbitrary administrator user.
{ "nvd_published_at": "2022-03-04T15:15:00Z", "github_reviewed_at": "2022-03-14T23:03:31Z", "severity": "HIGH", "github_reviewed": true, "cwe_ids": [ "CWE-352" ] }