CVE-2020-26522 - Garfield Petshop Project Garfield Petshop
Critical 8.8
A cross-site request forgery (CSRF) vulnerability in mod/user/act_user.php in Garfield Petshop through 2020-10-01 allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts.
Affected software
Garfield Petshop Project Garfield Petshop