Cross Site Request Forgery (CSRF) vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Members administrator function, which could let a remote unauthenticated malicious user send an authorised request to victim and successfully create an arbitrary administrator user.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| intelliants/subrion(Packagist) | 0 | N/A | N/A |
CVSS Metrics
