CVE-2018-3783

Summary

A privilege escalation detected in flintcms versions <= 1.1.9 allows account takeover due to blind MongoDB injection in password reset.

Affected Software

VendorProductVersion RangeStatus
https://github.com/JasonEtcoflintcms1.1.10affected

Weaknesses

  • Privilege Escalation (CAPEC-233)

ADP Enrichment

CVE Program Container

Additional References

References