CVE-2019-13056

An issue was discovered in CyberPanel through 1.8.4. On the user edit page, an attacker can edit the administrator's e-mail and password because of the lack of CSRF protection.
References
Link Resource
http://packetstormsecurity.com/files/153492/CyberPanel-1.8.4-Cross-Site-Request-Forgery.html Exploit Third Party Advisory VDB Entry
https://cyberpanel.net/category/news/ Release Notes Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:cyberpanel:cyberpanel:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-07-02 16:15

Updated : 2024-02-28 17:08


NVD link : CVE-2019-13056

Mitre link : CVE-2019-13056

CVE.ORG link : CVE-2019-13056


JSON object : View

Products Affected

cyberpanel

  • cyberpanel
CWE
CWE-352

Cross-Site Request Forgery (CSRF)