daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Enhancement: cves/2020/CVE-2020-5776.yaml by mp

patch-1
MostInterestingBotInTheWorld 2022-06-28 15:12:50 -04:00
parent 039458fef7
commit 600f1e5d2f
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cves/2020/CVE-2020-5776.yaml
View File

@ -4,7 +4,7 @@ info:
name: MAGMI - Cross-Site Request Forgery
author: dwisiswant0
severity: high
description: MAGMI (Magento Mass Importer) is vulnerable to cross-site request forgery (CSRF) due to the lack of CSRF tokens. Remote code execution (via phpcli command) is also possible in the event that CSRF is leveraged against an existing admin session.
description: MAGMI (Magento Mass Importer) is vulnerable to cross-site request forgery (CSRF) due to a lack of CSRF tokens. Remote code execution (via phpcli command) is also possible in the event that CSRF is leveraged against an existing admin session.
reference:
- https://www.tenable.com/security/research/tra-2020-51
- https://nvd.nist.gov/vuln/detail/CVE-2020-5776