CVE-2020-18416 Information

Description

An cross site request forgery (CSRF) vulnerability discovered in Jymusic v2.0.0.that allows attackers to execute arbitrary code via /admin.php?s=/addons/config.html&id=6 to modify payment information.

Reference

https://github.com/dtorp06/jymusic/issues/1