Share:

CVE-2020-10793 - Codeigniter Codeigniter

March 23, 2020

Critical 8.8

CodeIgniter through 4.0.0 allows remote attackers to gain privileges via a modified Email ID to the "Select Role of the User" page.

Affected software

Codeigniter Codeigniter

Reference links

https://medium.com/@vbharad/account-takeover-via-modifying-email-id-codeigniter-framework-ca30741ad297

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.