CVE-2022-41474 Information

Description

RPCMS v3.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily change the password of any account.

Reference

https://github.com/ralap-z/rpcms/issues/3