CVE-2020-23342
published 2021-01-19CVE-2020-23342: A CSRF vulnerability exists in Anchor CMS 0.12.7 anchor/views/users/edit.php that can change the Delete admin users.
PriorityP260high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
EXPLOIT
EPSS
12.43%
95.7th percentile
A CSRF vulnerability exists in Anchor CMS 0.12.7 anchor/views/users/edit.php that can change the Delete admin users.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| anchorcms | anchor_cms | — | — |
| docsifyjs | docsify | >= 0 < 4.12.0 | 4.12.0 |
Detection & IOCsextracted from sources · hover to see the quote
- →The application uses HTTP GET requests to perform sensitive/destructive actions (user deletion), making CSRF exploitation trivial via a crafted HTML page (exploit.html). Monitor for GET requests to user-deletion endpoints. ↗
- →CSRF attack targets admin user deletion functionality; look for unauthenticated or cross-origin GET requests to Anchor CMS user management endpoints (e.g., paths containing user IDs for deletion). ↗
- ·Anchor CMS 0.12.7 lacks CSRF token protection on sensitive GET-based actions, meaning no token validation is enforced for destructive operations like user deletion. ↗
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
ghsa6.1MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-p669-fw7h-w3hf: A CSRF vulnerability exists in Anchor CMS 0
ghsa_unreviewed·2022-05-24
CVE-2020-23342 [HIGH] CWE-352 GHSA-p669-fw7h-w3hf: A CSRF vulnerability exists in Anchor CMS 0
A CSRF vulnerability exists in Anchor CMS 0.12.7 anchor/views/users/edit.php that can change the Delete admin users.
GHSA
Docsify XSS Vulnerability
ghsa·2021-03-01·CVSS 6.1
CVE-2021-23342 [MEDIUM] CWE-79 Docsify XSS Vulnerability
Docsify XSS Vulnerability
This affects the package docsify before 4.12.0. It is possible to bypass the remediation done by CVE-2020-7680 and execute malicious JavaScript through the following methods 1) When parsing HTML from remote URLs, the HTML code on the main page is sanitized, but this sanitization is not taking place in the sidebar. 2) The isURL external check can be bypassed by inserting more `////` characters
No detection rules found.
No writeups or analysis indexed.
http://anchorcms.com/http://packetstormsecurity.com/files/161048/Anchor-CMS-0.12.7-Cross-Site-Request-Forgery.htmlhttps://anchorcms.com/https://twitter.com/NinadMishra5/status/1350077938176151558http://anchorcms.com/http://packetstormsecurity.com/files/161048/Anchor-CMS-0.12.7-Cross-Site-Request-Forgery.htmlhttps://anchorcms.com/https://twitter.com/NinadMishra5/status/1350077938176151558
2021-01-19
Published