Identifier

CVE-2020-5776

Package Slug

packagist/dweeves/magmi

Vulnerability

Cross-Site Request Forgery (CSRF)

Description

MAGMI is vulnerable to CSRF due to the lack of anti-CSRF tokens. RCE (via phpcli command) is possible in the event that a CSRF is leveraged against an existing admin session for MAGMI.

Affected Versions

All versions

Solution

Unfortunately, there is no solution available yet.

Last Modified

2020-09-09

source