CVE-2020-21321

Description

emlog v6.0 contains a Cross-Site Request Forgery (CSRF) via /admin/link.php?action=addlink, which allows attackers to arbitrarily add articles.

Related CPE's

References

https://github.com/emlog/emlog/issues/50

CvssV3 impact

CvssV2 impact