CVE-2026-46620
Severity: MEDIUM
e107: CSRF in comment.php moderation endpoints via token-optional validation in session_handler::check()
Title source: cnaDescription
e107 is a content management system (CMS). Prior to 2.3.5, e107 CMS does not properly enforce CSRF token validation on comment moderation actions. The problem comes down to how session_handler::check() handles CSRF tokens. Instead of requiring a token on every state-changing request, it only validates the token if one happens to be present. If there is no token at all, the check is skipped entirely. This vulnerability is fixed in 2.3.5.
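The two shapes of token check the description contrasts, as an added illustration that is not e107's own session_handler code; the function names, the `csrf_token` field name and the request arrays are assumptions:

```php
<?php
// Added illustration, not e107's session_handler::check(). Names, the
// 'csrf_token' field and the request arrays below are assumptions.

// Token-optional check (the flawed pattern described in the advisory):
// the token is compared only when the request happens to carry one, so a
// cross-site form POST that simply omits the field is never validated.
function check_token_optional(array $post, string $sessionToken): bool
{
    if (isset($post['csrf_token'])) {
        return hash_equals($sessionToken, (string) $post['csrf_token']);
    }
    return true; // no token field at all: the check is skipped entirely
}

// Token-required check (the corrected pattern): every state-changing
// request must carry a token that matches the one bound to the session.
// A missing, non-string or mismatched token is a failure, never a bypass.
function check_token_required(array $post, string $sessionToken): bool
{
    if (!isset($post['csrf_token']) || !is_string($post['csrf_token'])) {
        return false;
    }
    // hash_equals() avoids leaking the token through timing differences.
    return hash_equals($sessionToken, $post['csrf_token']);
}

// Constructed requests for a moderation action. The first one is what a
// cross-site form submission looks like: no token field at all.
$session  = bin2hex(random_bytes(16));
$noToken  = ['action' => 'approve', 'comment_id' => 42];
$genuine  = $noToken + ['csrf_token' => $session];
$tampered = $noToken + ['csrf_token' => 'not-the-session-token'];

foreach (['optional' => 'check_token_optional', 'required' => 'check_token_required'] as $label => $fn) {
    printf("%-8s no token: %s  genuine: %s  tampered: %s\n",
        $label,
        var_export($fn($noToken, $session), true),
        var_export($fn($genuine, $session), true),
        var_export($fn($tampered, $session), true));
}
```

Only the token-optional variant accepts the request that carries no token field; both variants reject a wrong token, which is why the bug is in the absent-token branch rather than in the comparison itself.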
References (1)
https://github.com/e107inc/e107/security/advisories/GHSA-m4hh-m278-jwg5
Scores
CVSS v3: 6.5
EPSS: 0.0013
EPSS Percentile: 3.1%
Attack Vector: NETWORK
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
CISA SSVC (Vulnrichment)
Exploitation: poc
Automatable: no
Technical Impact: partial
Details
CWE: CWE-285, CWE-352
Status: published
Products (1)
e107inc/e107: < 2.3.5
Published: May 26, 2026
Tracked Since: May 26, 2026