MidnightBSD

Advisories for jyuu

CVE-2020-18416

An cross site request forgery (CSRF) vulnerability discovered in Jymusic v2.0.0.,that allows attackers to execute arbitrary code via /admin.php?s=/addons/config.html&id=6 to modify payment information.

Products Affected

Vendor Product Version
jyuu jymusic 2.0.0