CVE-2020-36534

MEDIUM

easyiicms - Cross-Site Request Forgery in /admin/sign/out

Title source: llm
STIX 2.1

Description

A vulnerability was found in easyii CMS. It has been classified as problematic. Affected is an unknown function of the file /admin/sign/out. The manipulation leads to cross site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

References (2)

Core 2
Core References
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
https://vuldb.com/?id.160278

Scores

CVSS v3 4.3
EPSS 0.0043
EPSS Percentile 34.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-352
Status published
Products (2)
easyiicms/easyiicms
noumo/easyii 0Packagist
Published Jun 07, 2022
Tracked Since Feb 18, 2026