CVE-2020-25986

MEDIUM

MonoCMS Blog 1.0 - Cross-Site Request Forgery

Title source: llm
STIX 2.1

Description

A Cross Site Request Forgery (CSRF) vulnerability in MonoCMS Blog 1.0 allows attackers to change the password of a user.

References (2)

Core 2
Core References
Product, Vendor Advisory x_refsource_misc
https://monocms.com/download

Scores

CVSS v3 6.5
EPSS 0.0057
EPSS Percentile 43.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Details

CWE
CWE-352
Status published
Products (1)
monocms/monocms 1.0
Published Oct 06, 2020
Tracked Since Feb 18, 2026