MidnightBSD

Advisories for chyrp-lite_project

CVE-2017-1000008 MEDIUM

Chyrp Lite version 2016.04 is vulnerable to a CSRF in the user settings function allowing attackers to hijack the authentication of logged in users to modify account information, including their password.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
chyrp-lite_project chyrp_lite 2016.04