CVE-2023-1937

Summary

A vulnerability, which was classified as problematic, was found in zhenfeng13 My-Blog. Affected is an unknown function of the file /admin/configurations/userInfo. The manipulation of the argument yourAvatar/yourName/yourEmail leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The identifier of this vulnerability is VDB-225264.

Affected Software

VendorProductVersion RangeStatus
zhenfeng13My-Blogn/aaffected

Weaknesses

  • CWE-352: CWE-352 Cross-Site Request Forgery

ADP Enrichment

CVE Program Container

Additional References

References