cvedb.io
CVE-2022-37730
HIGH · CVSS 8.8
EPSS exploitation probability: 0%
Published 2022-09-07T15:15:08.340 · Last modified 2026-06-17T04:55:12.507

Summary

In ftcms 2.1, there is a Cross Site Request Forgery (CSRF) vulnerability in the PHP page, which causes the attacker to forge a link to trick him to click on a malicious link or visit a page containing attack code, and send a request to the server (corresponding to the identity authentication information) as the victim without the victim's knowledge.

Affected products

ftcms — ftcms

Does this affect you?

Add your gear to cvedb and we'll alert you only when ftcms ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.