CVE-2015-2083

Ilch CMS - Cross-Site Request Forgery via Profile Field Addition

Title source: llm
STIX 2.1

Description

Cross-site request forgery (CSRF) vulnerability in Ilch CMS allows remote attackers to hijack the authentication of administrators for requests that add a value to a profile field via a profilefields request to admin.php.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/74898

Scores

EPSS 0.0064
EPSS Percentile 46.3%

Details

CWE
CWE-352
Status published
Products (1)
ilch/cms
Published Feb 25, 2015
Tracked Since Feb 18, 2026