CSRF Vulnerability in CmsEasy 6.1_20180508 Allows DoS Attack via Rich Text Editor

CSRF Vulnerability in CmsEasy 6.1_20180508 Allows DoS Attack via Rich Text Editor

CVE-2018-11680 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

An issue was discovered in CmsEasy 6.1_20180508. There is a CSRF vulnerability in the rich text editor that can add an IFRAME element. This might be used in a DoS attack if a referenced remote URL is refreshed at a rapid rate.

Learn more about our Api Penetration Testing.