CVE-2020-21236

HIGH

DamiCMS v6.0 - Cross-Site Request Forgery in Article Edit Endpoint

Title source: llm
STIX 2.1

Description

A vulnerability in /damicms-master/admin.php?s=/Article/doedit of DamiCMS v6.0 allows attackers to compromise and impersonate user accounts via obtaining a user's session cookie.

References (1)

Core 1

Scores

CVSS v3 8.8
EPSS 0.0054
EPSS Percentile 41.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-352
Status published
Products (1)
damicms/damicms 6.0.0
Published Dec 27, 2021
Tracked Since Feb 18, 2026