CVE-2020-5776

Summary

Currently, all versions of MAGMI are vulnerable to CSRF due to the lack of CSRF tokens. RCE (via phpcli command) is possible in the event that a CSRF is leveraged against an existing admin session for MAGMI.

Affected Software

VendorProductVersion RangeStatus
n/aMAGMIAll versions of MAGMIaffected

Weaknesses

  • Cross-site Request Forgery (CSRF)

ADP Enrichment

CVE Program Container

Additional References

References