Intrusion Prevention

LFCMS.3.7.0.PHP.Admin.CSRF

Description

This indicates an attack attempt to exploit a Cross-Site Request Forgery Vulnerability in LFCMS.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. An attacker may exploit this to hijack requests to add an administrative user.

Affected Products

LFCMS 3.7.0

Impact

Privilege Escalation: Remote attackers can leverage their privileges on vulnerable systems.

Recommended Actions

Currently we are unaware of any vendor supplied patch for this issue.

Other References

44918 44919